749 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of an incorrect function when handling out-of-bounds accesses to arrays, leading to a potential...
CVE-2024-50007
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This patch adds a sanity che...
CVE-2024-49970
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN401 'streamencregs' array is an array of dcn10streamencregisters structures. The array is initialized with four elements, corresponding to the four calls t...
CVE-2024-50007
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This patch adds a sanity che...
CVE-2024-50007 ALSA: asihpi: Fix potential OOB array access
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This patch adds a sanity che...
CVE-2024-50007 ALSA: asihpi: Fix potential OOB array access
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This patch adds a sanity che...
CVE-2024-50007 ALSA: asihpi: Fix potential OOB array access
In the Linux kernel, the following vulnerability has been resolved: ALSA: asihpi: Fix potential OOB array access ASIHPI driver stores some values in the static array upon a response from the driver, and its index depends on the firmware. We shouldn't trust it blindly. This patch adds a sanity che...
CVE-2024-50007
CVE-2024-50007 affects the Linux kernel ALSA asihpi/ASIHPI driver. The issue is an out-of-bounds access in a static array populated from firmware data; the index depends on firmware and was not validated. The patch adds a sanity check to ensure the index fits in the array size, preventing potenti...
CVE-2024-49931
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath12kdprxprocess function access...
CVE-2024-49930
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...
CVE-2024-49931 wifi: ath12k: fix array out-of-bound access in SoC stats
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix array out-of-bound access in SoC stats Currently, the ath12ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath12kdprxprocess function access...
CVE-2024-49930 wifi: ath11k: fix array out-of-bound access in SoC stats
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...
CVE-2024-49930 wifi: ath11k: fix array out-of-bound access in SoC stats
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...
CVE-2024-49931
The CVE-2024-49931 issue in Linux kernel WiFi driver ath12k (SoC stats) is a concrete fix: ath12k_dp_rx_process() previously indexed hal_reo_error with the REO destination SRNG ring ID, which is incorrect and caused an out-of-bounds access. The fix uses the normal ring ID directly to prevent out-...
CVE-2024-47751 PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()
In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix buffer overflow in kirinpcieparseport Within kirinpcieparseport, the pcie-numslots is compared to pcie-gpioidreset size MAXPCISLOTS which is correct and would lead to an overflow. Thus, fix condition to...
CVE-2024-47751 PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()
In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix buffer overflow in kirinpcieparseport Within kirinpcieparseport, the pcie-numslots is compared to pcie-gpioidreset size MAXPCISLOTS which is correct and would lead to an overflow. Thus, fix condition to...
Linux kernel 输入验证错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from inaccuracies in defining the AMDGPUDMUBNOTIFICATIONMAX value, which could lead to out-of-bounds access to...
CVE-2024-42934
CVE-2024-42934 affects OpenIPMI before 2.0.36 due to an out-of-bounds array access in the ipmi_sim simulator (authentication type). This can cause denial of service and, with very low probability, authentication bypass or code execution. Multiple connected Nessus advisories/source entries confirm...
PT-2024-7182
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to an out-of-bounds array access in the Linux kernel's hns3 network driver. Specifically, when querying the SSU register information, the loop iterates tnl num times...
kernel: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats()
A vulnerability was found in the Linux kernel's qla2xxx SCSI driver, specifically in the qlaedifappgetstats function, where an off-by-one error in array access could lead to memory corruption. This issue affects the appreply-elem array, where an incorrect comparison allowed out-of-bounds access...