
1398 matches found

BDU FSTEC
added 2024/02/29 12:0 a.m. · 6 views

The vulnerability of the smb2_probe() function in the drivers/power/supply/qcom_pmi8998_charger.c file of the Linux kernel power supply driver allows a hacker to cause a system failure.

The vulnerability of the smb2_probe() function in the drivers/power/supply/qcom_pmi8998_charger.c file of the Linux kernel power supply driver is related to a pointer arithmetic error. Exploiting this vulnerability could allow an attacker to cause a system failure...

CVSS 5.5 · AI score 6 · EPSS 0.00015
Exploits 0 · References 22 · Affected Software 2

OSV
added 2024/02/27 7:4 p.m. · 3 views

CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

CVSS 5.5 · AI score 7.3
Exploits 0 · References 7

OSV
added 2024/02/27 7:4 p.m. · 1 views

DEBIAN-CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

CVSS 5.5 · AI score 5.4 · EPSS 0.00012
Exploits 0 · References 1

Debian CVE
added 2024/02/27 6:47 p.m. · 23 views

CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the off_reg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

CVSS 5.5 · AI score 4.6 · EPSS 0.00012
Exploits 0

NVD
added 2024/02/27 7:15 a.m. · 16 views

CVE-2021-46908

In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypass_spec_v1 flag instead of...

CVSS 5.5 · AI score 5.4 · EPSS 0.00004
Exploits 0 · References 3

UbuntuCve
added 2024/02/27 7:15 a.m. · 24 views

CVE-2021-46908

In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypass_spec_v1 flag instead of...

CVSS 5.5 · AI score 6.4 · EPSS 0.00004
Exploits 0 · References 5

Vulnrichment
added 2024/02/27 6:53 a.m. · 15 views

CVE-2021-46908 bpf: Use correct permission flag for mixed signed bounds arithmetic

In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypass_spec_v1 flag instead of...

AI score 6.9 · EPSS 0.00004
Exploits 0 · References 3

CNNVD
added 2024/02/27 12:0 a.m. · 2 views

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of correct permission flags for mixed-signature boundary arithmetic...

CVSS 5.5 · AI score 8.2 · EPSS 0.00004
Exploits 0 · References 6

OSV
added 2024/02/22 5:15 p.m. · 1 views

UBUNTU-CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

CVSS 7.8 · AI score 6.2 · EPSS 0.00021
Exploits 0 · References 14

Vulnrichment
added 2024/02/22 4:13 p.m. · 33 views

CVE-2024-26589 bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For PTR_TO_FLOW_KEYS, check_flow_keys_access() only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

AI score 6.7 · EPSS 0.00021
Exploits 0 · References 5

BDU FSTEC
added 2024/02/16 12:0 a.m. · 2 views

The vulnerabilities of the functions PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes(), and PKCS12_newpass() in the OpenSSL library allow an attacker to cause a service failure.

The vulnerabilities of the functions PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes(), and PKCS12_newpass() in the OpenSSL library are related to pointer arithmetic errors. Exploiting these vulnerabilities could allow an attacker to cause a service failure...

CVSS 5.5 · AI score 6.5 · EPSS 0.00202
Exploits 0 · References 23 · Affected Software 8

BDU FSTEC
added 2024/02/14 12:0 a.m. · 1 views

The vulnerability of the Squid proxy server, related to pointer dereferencing errors, allows a hacker to cause a service failure.

The vulnerability of the Squid proxy server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVSS 7.8 · AI score 7.2 · EPSS 0.02252
Exploits 0 · References 15 · Affected Software 15

RedHat Linux
added 2024/02/07 4:33 p.m. · 2 views

kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c

A vulnerability was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...

CVSS 5.3 · AI score 6.6 · EPSS 0.00142
Exploits 0 · References 5

Tenable Nessus
added 2024/02/07 12:0 a.m. · 89 views

RHEL 8 : kernel (RHSA-2024:0724)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0724 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: use-after-free in sch_qfq netwo...

CVSS 8.8 · AI score 7.5 · EPSS 0.05077
Exploits 23 · References 109

BDU FSTEC
added 2024/01/31 12:0 a.m. · 1 views

The vulnerability of the EVP_PKEY_public_check() function in the OpenSSL library allows an attacker to cause a service failure.

The vulnerability of the EVP_PKEY_public_check() function in the OpenSSL library is related to pointer arithmetic errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 7.8 · AI score 7.3 · EPSS 0.0086
Exploits 0 · References 6 · Affected Software 10

Filippo.io
added 2024/01/30 5:48 p.m. · 23 views

Post-quantum Cryptography for the Go Ecosystem

filippo.io/mlkem768 is a pure-Go implementation of ML-KEM-768 optimized for correctness and readability. ML-KEM (formerly known as Kyber, renamed because we can't have nice things) is a post-quantum key exchange mechanism in the process of being standardized by NIST and adopted by most of the...

AI score 6.7
Exploits 0

Veracode
added 2024/01/30 5:14 p.m. · 27 views

Out-of-bounds Write

ARM is vulnerable to Out-of-bounds Write. The vulnerability is due to arithmetic overflows during cache cleaning and invalidation, which can skip the intended cache operations, leading to undefined behavior where writes may not reach memory as expected...

CVSS 3.3 · AI score 6.6 · EPSS 0.00081
Exploits 0 · References 8 · Affected Software 1

RedHat Linux
added 2024/01/30 1:28 p.m. · 2 views

kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c

A vulnerability was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...

CVSS 5.3 · AI score 6.6 · EPSS 0.00142
Exploits 0 · References 5

Microsoft CVE
added 2024/01/27 8:0 a.m. · 3 views

Kernel: nf_tables: pointer math issue in nft_byteorder_eval()

...

CVSS 6.6 · AI score 7.3 · EPSS 0.00019
Exploits 0

Positive Technologies
added 2024/01/26 12:0 a.m. · 4 views

PT-2024-13309 · S-Lang +1 · S-Lang +1

Name of the Vulnerable Software and Affected Versions: S-Lang version 2.3.2 Description: The issue is related to an arithmetic exception in S-Lang via the tt sprintf function. Recommendations: For S-Lang version 2.3.2, consider disabling the tt sprintf function until a patch is available. At the...

CVSS 9.1 · AI score 9.2 · EPSS 0.0014
Exploits 0 · References 15