kernel: ALSA: ymfpci: Fix BUG_ON in probe function

An assertion failure was found in the Linux kernel's Yamaha YMF sound card driver during buffer validation. The probe function includes a BUGON assertion that compares DMA buffer sizes without accounting for alignment, causing the assertion to fail when the aligned buffer size doesn't exactly mat...

kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...

kernel: ALSA: ymfpci: Fix BUG_ON in probe function

An assertion failure was found in the Linux kernel's Yamaha YMF sound card driver during buffer validation. The probe function includes a BUGON assertion that compares DMA buffer sizes without accounting for alignment, causing the assertion to fail when the aligned buffer size doesn't exactly mat...

K000137107: Crypto++ vulnerability CVE-2022-48570

Security Advisory Description Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-143...

kernel: nf_tables: stack-out-of-bounds-read in nft_byteorder_eval()

An out-of-bounds OOB memory access flaw was found in the Netfilter module in the Linux kernel's nftbyteordereval in net/netfilter/nftbyteorder.c. A bound check failure allows a local attacker with CAPNETADMIN access to cause a local privilege escalation issue due to incorrect data alignment...

Unbreakable Enterprise kernel-container security update

5.4.17-2136.323.8.el7 - vhost-scsi: Fix alignment handling with windows Mike Christie Orabug: 35769318 - Revert 'vhost/scsi: support non zerocopy iovecs' Rajan Shanmugavelu Orabug: 35769318 5.4.17-2136.323.7.el7 - x86: change default to specstorebypassdisable=prctl spectrev2user=prctl Andrea...

Unbreakable Enterprise kernel security update

5.4.17-2136.323.8 - vhost-scsi: Fix alignment handling with windows Mike Christie Orabug: 35769318 - Revert 'vhost/scsi: support non zerocopy iovecs' Rajan Shanmugavelu Orabug: 35769318 5.4.17-2136.323.7 - x86: change default to specstorebypassdisable=prctl spectrev2user=prctl Andrea Arcangeli...

RUSTSEC-2023-0059 Unaligned read of `*const *const c_char` pointer

Affected versions dereference a potentially unaligned pointer. The pointer is commonly unaligned in practice, resulting in undefined behavior. In some build modes, this is observable as a panic followed by abort. In other build modes the UB may manifest in some other way, including the possibilit...

Quarkus Security Vulnerabilities

Quarkus is a cloud-native Linux container-first framework for writing Java applications. A security vulnerability exists in Quarkus that stems from one of the HTTP security policies failing to properly clean up certain character alignments when accepting a request, resulting in incorrect privileg...

The text cursor display is incorrect.

In Citrix VDI or Apps, when the mouse pointer is aligned with the input field, the text cursor is displayed incorrectly...

Claiming prizes will be bricked if prize periods are not aligned with twab periods

Lines of code Vulnerability details Comments The previous implementation allowed a malicious user to keep updating their balances provided the previous observation fell within the same period. As such, if a draw ends part way through a period, the user would be able to manipulate their average...

Crypto++ 缓冲区错误漏洞

Crypto++ is a C++ cryptographic method library. A security vulnerability exists in Crypto++ 8.4 and earlier versions, which stems from the fact that if allocated memory is not 16-byte aligned, the function FixSizeAllocatorWithCleanup may write to memory outside of the allocation...

CVE-2022-48570

Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally remov...

kernel security and bug fix update

3.10.0-1160.95.1.0.1.OL7 - debug: lock down kgdb Orabug: 34270798 CVE-2022-21499 3.10.0-1160.95.1.OL7 - Update Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 2481767...

Resilient Security Requires Mature Cyber Threat Intelligence Capabilities

Resilient Security Requires Mature Cyber Threat Intelligence Capabilities By Trellix Advanced Research Center · August 5, 2023 Threat intelligence and the ability to add context to each technology environment to global threats has never been more important to the role of the CISO, or to the board...

CVE-2023-37479 Improper sanitization of MXCSR and RFLAGS in OpenEnclave

Open Enclave is a hardware-agnostic open source library for developing applications that utilize Hardware-based Trusted Execution Environments, also known as Enclaves. There are two issues that are mitigated in version 0.19.3. First, Open Enclave SDK does not properly sanitize the MXCSR register ...

PT-2023-25989 · Unknown · Open Enclave

Name of the Vulnerable Software and Affected Versions: Open Enclave versions prior to 0.19.3 Description: The issue concerns two problems in the Open Enclave SDK. First, it does not properly sanitize the MXCSR register on enclave entry, making applications vulnerable to MXCSR Configuration...

CVE-2023-35001

An out-of-bounds OOB memory access flaw was found in the Netfilter module in the Linux kernel's nftbyteordereval in net/netfilter/nftbyteorder.c. A bound check failure allows a local attacker with CAPNETADMIN access to cause a local privilege escalation issue due to incorrect data alignment...

atty potential unaligned read

On windows, atty dereferences a potentially unaligned pointer. In practice however, the pointer won't be unaligned unless a custom global allocator is used. In particular, the System allocator on windows uses HeapAlloc, which guarantees a large enough alignment. atty is Unmaintained A Pull Reques...

CVE-2023-37304

An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature...