Lucene search
K

77 matches found

RedHat Linux
RedHat Linux
added 2024/11/12 9:11 a.m.4 views

kernel: x86/mm: Fix pti_clone_pgtable() alignment assumption

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

5.5CVSS6.4AI score0.00223EPSS
Exploits0References5
NVD
NVD
added 2024/09/04 8:15 p.m.22 views

CVE-2024-45001

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf allocsize alignment and atomic op panic The MANA driver's RX buffer allocsize is passed into napibuildskb to create SKB. skbshinfoskb is located at the end of skb, and its alignment is affected by the...

5.5CVSS0.00236EPSS
Exploits0References4
OSV
OSV
added 2024/09/04 7:15 p.m.3 views

DEBIAN-CVE-2024-44965

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...

5.5CVSS5.7AI score0.00223EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/08 4:44 a.m.10 views

kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling The Linux kernel CVE team has assigned CVE-2024-35814 to this issue. Upstream advisory:...

8.8CVSS6.8AI score0.00234EPSS
Exploits0References5
Prion
Prion
added 2024/03/02 10:15 p.m.23 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: mm: hugememory: don't force huge page alignment on 32 bit commit efa7df3e3bb5 "mm: align larger anonymous mappings on THP boundaries" caused two issues 1 2 reported on 32 bit system or compat userspace. It doesn't make too much...

7.2AI score0.00277EPSS
Exploits0References3
OSV
OSV
added 2024/02/28 9:15 a.m.5 views

CVE-2021-46976

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in autoretire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the autoretire function is not guaranteed to be aligned to a multiple of 4, which causes...

5.5CVSS7.4AI score
Exploits0References4
RedHat Linux
RedHat Linux
added 2023/12/12 5:33 p.m.8 views

kernel: x86/sev: Make enc_dec_hypercall() accept a size instead of npages

In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...

5.6AI score0.00112EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/09/08 12:0 a.m.7 views

Quarkus Security Vulnerabilities

Quarkus is a cloud-native Linux container-first framework for writing Java applications. A security vulnerability exists in Quarkus that stems from one of the HTTP security policies failing to properly clean up certain character alignments when accepting a request, resulting in incorrect privileg...

8.1CVSS6.8AI score0.01215EPSS
Exploits1References16
CNNVD
CNNVD
added 2023/08/22 12:0 a.m.5 views

Crypto++ 缓冲区错误漏洞

Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ 8.4 and earlier versions, which stems from the fact that if allocated memory is not 16-byte aligned, the function FixSizeAllocatorWithCleanup may write to memory outside of the allocation...

7.5CVSS6.3AI score0.00823EPSS
Exploits1References3
OSV
OSV
added 2022/12/08 2:46 a.m.8 views

GSD-2022-1007925 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()

bpf, testrun: Fix alignment problem in bpfprogtestrunskb This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36020 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.12 through v6.0.9 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.6 views

PT-2022-36489 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2022-36316 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.4 views

PT-2022-36552 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.300 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/11/23 12:0 a.m.5 views

PT-2022-37433 · Mimalloc · Mimalloc

Name of the Vulnerable Software and Affected Versions: mimalloc affected versions not specified Description: The issue arises from a change in the mimalloc allocator's logic, which broke a promise regarding alignments. This change caused the crate to return memory with incorrect alignment for...

6.8AI score
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/02/16 10:36 p.m.32 views

crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64

Impact The affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates...

8.1CVSS7.9AI score0.0122EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2022/02/15 7:15 p.m.8 views

AZL-41454 CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

8.1CVSS7.1AI score0.0122EPSS
Exploits1References1
OSV
OSV
added 2022/02/15 7:15 p.m.4 views

AZL-61381 CVE-2022-23639 affecting package rust for versions less than crossbeam_utils-0.8.7

crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...

8.1CVSS7.1AI score0.0122EPSS
Exploits1References1
OSV
OSV
added 2022/01/06 10:4 p.m.2 views

GHSA-9HFG-PXR6-Q4VP Use of a Broken or Risky Cryptographic Algorithm in crypto2

The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::fromrawpartsmut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...

9.8CVSS7.2AI score0.00753EPSS
Exploits0References5
Prion
Prion
added 2021/09/09 8:15 a.m.35 views

Buffer overflow

Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure an...

5CVSS7.7AI score0.00587EPSS
Exploits0References1
Rows per page
Query Builder