SUSE CVE-2021-47497

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...

CVE-2021-47255

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...

CVE-2021-47497

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...

kernel: Linux kernel: ACPICA undefined behavior due to zero offset to null pointer

A flaw was found in ACPICA in the Linux kernel. This vulnerability allows for a denial of service via a null pointer dereference...

CVE-2021-47497 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...

SUSE CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

DEBIAN-CVE-2023-52819

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexible arrays...

DEBIAN-CVE-2023-52818

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable structs that use flexible array sizes, use flexible arrays...

UBUNTU-CVE-2023-52832

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211gettxpower We can get a UBSAN warning if ieee80211gettxpower returns the INTMIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in...

UBUNTU-CVE-2023-52764

In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the...

CVE-2021-47255 kvm: LAPIC: Restore guard to prevent illegal APIC register access

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APIC register may cause undefined behavior and must not be executed." Worse, such an access in...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

UBUNTU-CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...

CVE-2024-4775

CVE-2024-4775 affects Mozilla Firefox prior to 126. The issue is an missing iterator stop condition when handling WASM code in the built-in profiler, potentially causing invalid memory access and undefined behavior. Affected product: Firefox (pre-126). Root cause: incomplete iterator termination ...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

CVE-2024-4774

The ShmemCharMapHashEntry code was susceptible to potentially undefined behavior by bypassing the move semantics for one of its data members. This vulnerability affects Firefox 126...

CVE-2024-4775

An iterator stop condition was missing when handling WASM code in the built-in profiler, potentially leading to invalid memory access and undefined behavior. Note: This issue only affects the application when the profiler is running. This vulnerability affects Firefox 126...