2519 matches found
PT-2023-33865 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.16 Description: The issue concerns undefined behavior in a bit shift operation related to TTM TT FLAG PRIV POPULATED. The actual impact and potential for attack have not been proven. Recommendations: For...
CVE-2022-32657
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042...
CVE-2022-32659
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066...
CVE-2022-32659
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066...
CVE-2022-32658
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059...
CVE-2022-32658
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059...
CVE-2022-32659
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705066; Issue ID: GN20220705066...
CVE-2022-32658
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059...
CVE-2022-32658
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705059; Issue ID: GN20220705059...
CVE-2022-32657
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042...
CVE-2022-32657
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705042; Issue ID: GN20220705042...
MediaTek 输入验证错误漏洞
MediaTek Chipsets are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a mishandling in the Wi-Fi driver that could result in undefined behavior, which could lead to a local privilege escalation that requir...
MediaTek 输入验证错误漏洞
MediaTek Chipsets are a variety of chips from MediaTek, a Chinese company called MediaTek. A security vulnerability exists in MediaTek Chipsets, which stems from a mishandling in the Wi-Fi driver that could result in undefined behavior, which could lead to a local privilege escalation that requir...
prettytable-rs: Force cast a &Vec<T> to &[T] may lead to undefined behavior
In function Table::asref, a reference of vector is force cast to slice. There are multiple problems here: 1. To guarantee the size is correct, we have to first do Vec::shrinktofit. The function requires a mutable reference, so we have to force cast from immutable to mutable, which is undefined...
GHSA-GFGM-CHR3-X6PX prettytable-rs: Force cast a &Vec<T> to &[T] may lead to undefined behavior
In function Table::asref, a reference of vector is force cast to slice. There are multiple problems here: 1. To guarantee the size is correct, we have to first do Vec::shrinktofit. The function requires a mutable reference, so we have to force cast from immutable to mutable, which is undefined...
PT-2022-22287 · Nvidia +1 · Nvidia Gpu Display Driver For Linux +1
Name of the Vulnerable Software and Affected Versions: NVIDIA GPU Display Driver for Linux affected versions not specified Description: The issue is related to a helper function in the kernel mode layer handler that maps more physical pages than requested, potentially leading to undefined behavio...
EulerOS Virtualization 2.10.1 : vim (EulerOS-SA-2022-2949)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. CVE-2022-2257 - Use After Free in GitHub repository vim/vim prior to...
EulerOS Virtualization 2.10.0 : vim (EulerOS-SA-2022-2923)
According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. CVE-2022-2257 - Use After Free in GitHub repository vim/vim prior to...
GSD-2022-1008307 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.300 by commit...
GSD-2022-1008256 net: mdio: fix undefined behavior in bit shift for __mdiobus_register
net: mdio: fix undefined behavior in bit shift for mdiobusregister This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.265 by commit...