80 matches found
CLSA-2025-1755114348 orc: Fix of CVE-2024-40897
CVE-2024-40897: use vasprintf if available for error messages and otherwise vsnprintf to allocate as much memory as required and avoid buffer overflow...
UBUNTU-CVE-2024-57917
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf"%pbl ", ... test:keyward is WARNING in kvasprintf WARNING: CPU:...
CVE-2024-49934 fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name
In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dumpmapping accessing invalid dentry.dname.name It's observed that a crash occurs during hot-remove a memory device, in which user is accessing the hugetlb. See calltrace as following: ------------ cut here...
SUSE CVE-2024-35878
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878
A null pointer dereference vulnerability was found in vsnprintf when str and len parameters are passed to vsnprintf, which only allows passing a NULL ptr when the length is 0. This issue can result in a crash and damage to availability. Mitigation Mitigation for this issue is either not available...
CVE-2024-35878
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
DEBIAN-CVE-2024-35878
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
UBUNTU-CVE-2024-35878
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878 of: module: prevent NULL pointer dereference in vsnprintf()
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878 of: module: prevent NULL pointer dereference in vsnprintf()
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878 of: module: prevent NULL pointer dereference in vsnprintf()
In the Linux kernel, the following vulnerability has been resolved: of: module: prevent NULL pointer dereference in vsnprintf In ofmodalias, we can get passed the str and len parameters which would cause a kernel oops in vsnprintf since it only allows passing a NULL ptr when the length is also 0...
CVE-2024-35878
CVE-2024-35878 : The connected documentation provides concrete details—this Linux kernel vulnerability concerns a NULL pointer dereference in vsnprintf() triggered by improper handling of the str/len parameters in of_modalias(). The issue could oops when a NULL pointer is passed unless length is ...
PT-2024-26770
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a NULL pointer dereference in the vsnprintf function within the Linux kernel. Specifically, in the of modalias function, the str and len parameters can cause a...
SUSE CVE-2007-3294
Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via 1 a long second argument to the tidyparsestring function or 2 an unspecified vector to the tidyrepairstring function. NOTE...
SUSE CVE-2021-36386
reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...
CVE-2021-36386
reportvbuild in report.c in Fetchmail before 6.4.20 sometimes omits initialization of the vsnprintf valist argument, which might allow mail servers to cause a denial of service or possibly have unspecified other impact via long error messages. NOTE: it is unclear whether use of Fetchmail on any...
Denial Of Service(DoS)
Fetchmail is vulnerable to denial of service. reportvbuild in report.c sometimes omits initialization of the vsnprintf valist argument, allowing mail servers to cause a denial of service or possibly have unspecified other impact via long error messages...
JDK: buffer overflow in jio_snprintf() and jio_vsnprintf()
In Eclipse OpenJ9, prior to the 0.12.0 release, the jiosnprintf and jiovsnprintf native methods ignored the length parameter. This affects existing APIs that called the functions to exceed the allocated buffer. This functions were not directly callable by non-native user code...
The vulnerabilities of the functions jio_snprintf and jio_vsnprintf in the Eclipse OpenJ9 virtual machine allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the jiosnprintf and jiovsnprintf functions in the Eclipse OpenJ9 virtual machine is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to trigger buffer overflows and compromise the...