Undefined behaviour in `kvm_ioctls::ioctls::vm::VmFd::create_device`

An issue was identified in the VmFd::createdevice function, leading to undefined behavior and miscompilations on rustc 1.82.0 and newer due to the function's violation of Rust's pointer safety rules. The function downcasted a mutable reference to its struct kvmcreatedevice argument to an immutabl...

DEBIAN-CVE-2024-53126

In the Linux kernel, the following vulnerability has been resolved: vdpa: solidrun: Fix UB bug with devres In psnetopenpfbar and snetopenvfbar a string later passed to pcimiomapregions is placed on the stack. Neither pcimiomapregions nor the functions it calls copy that string. Should the string...

AZL-54129 CVE-2024-53126 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: vdpa: solidrun: Fix UB bug with devres In psnetopenpfbar and snetopenvfbar a string later passed to pcimiomapregions is placed on the stack. Neither pcimiomapregions nor the functions it calls copy that string. Should the string...

UBUNTU-CVE-2024-53126

In the Linux kernel, the following vulnerability has been resolved: vdpa: solidrun: Fix UB bug with devres In psnetopenpfbar and snetopenvfbar a string later passed to pcimiomapregions is placed on the stack. Neither pcimiomapregions nor the functions it calls copy that string. Should the string...

CVE-2024-53126

In CVE-2024-53126, the Linux kernel fixes a UB bug in vdpa/solidrun code where a string placed on the stack in psnet_open_pf_bar() and snet_open_vf_bar() could be used after the stack frame disappeared. The string is not copied by pcim_iomap_regions() or its callees, leading to undefined behavior...

CVE-2024-53126 vdpa: solidrun: Fix UB bug with devres

In the Linux kernel, the following vulnerability has been resolved: vdpa: solidrun: Fix UB bug with devres In psnetopenpfbar and snetopenvfbar a string later passed to pcimiomapregions is placed on the stack. Neither pcimiomapregions nor the functions it calls copy that string. Should the string...

kernel: drm/radeon: fix UBSAN warning in kv_dpm.c

A vulnerability was found in the Linux kernel's DRM/Radeon driver, specifically in the sumovidmappingentry within the kvdpm.c file. Insufficient bounds checking can lead to memory corruption...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an undefined behavior issue in the vdpa driver due to strings being allocated on the stack, as these strings...

Security update for bpftool

This update for bpftool fixes the following issues: CVE-2024-49987: Fixed undefined behavior in qsortNULL, 0, ... bsc1232258 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comman...

SUSE-SU-2024:4157-1 Security update for bpftool

This update for bpftool fixes the following issues: - CVE-2024-49987: Fixed undefined behavior in qsortNULL, 0, ... bsc1232258...

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in FFmpeg version n6.1.1, which can be exploited by attackers to cause undefined behavior or a crash during decoding...

kernel: drm/radeon: fix UBSAN warning in kv_dpm.c

A vulnerability was found in the Linux kernel's DRM/Radeon driver, specifically in the sumovidmappingentry within the kvdpm.c file. Insufficient bounds checking can lead to memory corruption...

CVE-2024-50303

In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walksystemramresrev must retain resource flags walksystemramresrev erroneously discards resource flags when passing the information to the callback. This causes systems with IORESOURCESYSRAMDRIVERMANAGED memory to...

CVE-2024-50303 resource,kexec: walk_system_ram_res_rev must retain resource flags

In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walksystemramresrev must retain resource flags walksystemramresrev erroneously discards resource flags when passing the information to the callback. This causes systems with IORESOURCESYSRAMDRIVERMANAGED memory to...

CVE-2024-50303 resource,kexec: walk_system_ram_res_rev must retain resource flags

In the Linux kernel, the following vulnerability has been resolved: resource,kexec: walksystemramresrev must retain resource flags walksystemramresrev erroneously discards resource flags when passing the information to the callback. This causes systems with IORESOURCESYSRAMDRIVERMANAGED memory to...

CVE-2024-50303

CVE-2024-50303 affects the Linux kernel: walk_system_ram_res_rev discards resource flags when passing information to the callback, causing IORESOURCE_SYSRAM_DRIVER_MANAGED memory to be selected for kexec buffers if located above normal RAM. This can lead to undefined behavior after reboot or a cr...

CLSA-2024-1731956942 Fix CVE(s): CVE-2020-25666, CVE-2020-27764, CVE-2020-27776

SECURITY UPDATE: Undefined behavior in the form of values outside the range of type unsigned long - debian/patches/CVE-2020-27764-and-CVE-2020-27776.patch: Fix outside the range of representable values of type unsigned long - CVE-2020-27764 - CVE-2020-27776 SECURITY UPDATE: Integer overflow in...

USN-7114-1: GLib vulnerability

It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior...

USN-7114-1 glib2.0 vulnerability

It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this issue to cause a crash or other undefined behavior...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : GLib vulnerability (USN-7114-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7114-1 advisory. It was discovered that Glib incorrectly handled certain trailing characters. An attacker could possibly use this...