77 matches found
kernel: x86/mm: Fix pti_clone_pgtable() alignment assumption
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
CVE-2024-45001
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix RX buf allocsize alignment and atomic op panic The MANA driver's RX buffer allocsize is passed into napibuildskb to create SKB. skbshinfoskb is located at the end of skb, and its alignment is affected by the...
DEBIAN-CVE-2024-44965
In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fix pticlonepgtable alignment assumption Guenter reported dodgy crashes on an i386-nosmp build using GCC-11 that had the form of endless traps until entry stack exhaust and then DF from the stack guard. It turned out that...
kernel: swiotlb: Fix double-allocation of slots due to broken alignment handling
In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling The Linux kernel CVE team has assigned CVE-2024-35814 to this issue. Upstream advisory:...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: mm: hugememory: don't force huge page alignment on 32 bit commit efa7df3e3bb5 "mm: align larger anonymous mappings on THP boundaries" caused two issues 1 2 reported on 32 bit system or compat userspace. It doesn't make too much...
CVE-2021-46976
In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix crash in autoretire The retire logic uses the 2 lower bits of the pointer to the retire function to store flags. However, the autoretire function is not guaranteed to be aligned to a multiple of 4, which causes...
kernel: x86/sev: Make enc_dec_hypercall() accept a size instead of npages
In the Linux kernel, the following vulnerability has been resolved: x86/sev: Make encdechypercall accept a size instead of npages encdechypercall accepted a page count instead of a size, which forced its callers to round up. As a result, non-page aligned vaddrs caused pages to be spuriously marke...
Quarkus Security Vulnerabilities
Quarkus is a cloud-native Linux container-first framework for writing Java applications. A security vulnerability exists in Quarkus that stems from one of the HTTP security policies failing to properly clean up certain character alignments when accepting a request, resulting in incorrect privileg...
Crypto++ 缓冲区错误漏洞
Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ 8.4 and earlier versions, which stems from the fact that if allocated memory is not 16-byte aligned, the function FixSizeAllocatorWithCleanup may write to memory outside of the allocation...
GSD-2022-1007925 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
bpf, testrun: Fix alignment problem in bpfprogtestrunskb This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 by commit...
PT-2022-36020 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v4.12 through v6.0.9 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-36489 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.267 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-36316 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.156 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-36552 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.300 Description: The issue is related to an alignment problem in the bpf prog test run skb function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-37433 · Mimalloc · Mimalloc
Name of the Vulnerable Software and Affected Versions: mimalloc affected versions not specified Description: The issue arises from a change in the mimalloc allocator's logic, which broke a promise regarding alignments. This change caused the crate to return memory with incorrect alignment for...
crossbeam-utils Unsoundness of AtomicCell<{i,u}64> arithmetics on 32-bit targets that support Atomic{I,U}64
Impact The affected versions of this crate incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a 32-bit target can be smaller than AtomicI,U64. This can cause the following problems: - Unaligned memory accesses - Data race Crates...
AZL-41454 CVE-2022-23639 affecting package librsvg2 for versions less than 2.58.1-1
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
AZL-61381 CVE-2022-23639 affecting package rust for versions less than crossbeam_utils-0.8.7
crossbeam-utils provides atomics, synchronization primitives, scoped threads, and other utilities for concurrent programming in Rust. crossbeam-utils prior to version 0.8.7 incorrectly assumed that the alignment of i,u64 was always the same as AtomicI,U64. However, the alignment of i,u64 on a...
GHSA-9HFG-PXR6-Q4VP Use of a Broken or Risky Cryptographic Algorithm in crypto2
The implementation does not enforce alignment requirements on input slices while incorrectly assuming 4-byte alignment through an unsafe call to std::slice::fromrawpartsmut, which breaks the contract and introduces undefined behavior. This affects Chacha20 encryption and decryption in crypto2...
Buffer overflow
Possible buffer over read due to lack of alignment between map or unmap length of IPA SMMU and WLAN SMMU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure an...