1399 matches found
CVE-2023-53033
The CVE-2023-53033 entry concerns the Linux kernel Netfilter nft_payload code, where arithmetic incorrectly added the VLAN header size when handling VLAN bits (notably for double-tagged packets). The issue is fixed by using subtraction to adjust the length, addressing CVE-2023-0179, with impact d...
CVE-2023-53033 netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the boundaries of the vlanethh...
CVE-2023-53033 netfilter: nft_payload: incorrect arithmetics when fetching VLAN header bits
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the boundaries of the vlanethh...
CVE-2023-53033
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: incorrect arithmetics when fetching VLAN header bits If the offset + length goes over the ethernet + vlan header, then the length is adjusted to copy the bytes that are within the boundaries of the vlanethh...
CVE-2023-53032 netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmapipcreate function. When firstip is 0, lastip is 0xFFFFFFFF, and netmask is 31, the value of an arithmetic expression 2 netmask - maskbits - 1 is subject to overflow due to ...
CVE-2023-53032 netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function.
In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmapipcreate function. When firstip is 0, lastip is 0xFFFFFFFF, and netmask is 31, the value of an arithmetic expression 2 netmask - maskbits - 1 is subject to overflow due to ...
CVE-2022-49748 perf/x86/amd: fix potential integer overflow on shift of a int
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using 32 bit arithmetic and then passed as a 64 bit function argument. In the case where i is 32 or more...
The vulnerability of the bdev_open_by_dev() function in the block/bdev.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the bdevopenbydev function in the block/bdev.c module of the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
Allocation of Resources Without Limits or Throttling
Overview gmpy2 is a gmpy2 interface to GMP, MPFR, and MPC for Python 3.7+ Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling when performing arbitrary-precision calculations based on the GNU Multiple Precision Arithmetic Library GMP, in...
inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic
...
inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic
...
Linux Distros Unpatched Vulnerability : CVE-2021-29155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading ...
CVE-2022-49404
In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix potential integer multiplication overflow errors When multiplying of different types, an overflow is possible even when storing the result in a larger type. This is because the conversion is done after the...
F5 Networks BIG-IP : zlib vulnerability (K000149905)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000149905 advisory. inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
F5 Networks BIG-IP : zlib vulnerability (K000149915)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K000149915 advisory. inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper...
[SECURITY] Fedora 40 Update: php-phpseclib-2.0.48-1.fc40
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
[SECURITY] Fedora 41 Update: php-phpseclib-2.0.48-1.fc41
MIT-licensed pure-PHP implementations of an arbitrary-precision integer arithmetic library, fully PKCS1 v2.1 compliant RSA, DES, 3DES, RC4, Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509...
CVE-2022-25658
Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
The vulnerability of the nv17_tv_get_hd_modes() function in the Linux kernel’s DRM driver allows a hacker to trigger a service failure.
The vulnerability of the nv17tvgethdmodes function in the Linux kernel’s DRM driver is related to pointer arithmetic errors. Exploiting this vulnerability could allow a hacker to trigger a service failure...
The vulnerability in the driver/gpu/drm/amd/amdkfd/kfd InterruptInterrupt.c component of the Linux operating system allows a attacker to cause a service failure.
The vulnerability of the drivers/gpu/drm/amd/amdkfd/kfd InterruptInterrupt.c component in the Linux operating system is related to pointer arithmetic errors. Exploiting this vulnerability can allow an attacker to cause a service failure...