25 matches found
CVE-2022-49234
In the Linux kernel, the following vulnerability has been resolved: net: dsa: Avoid cross-chip syncing of VLAN filtering Changes to VLAN filtering are not applicable to cross-chip notifications. On a system like this: .-----. .-----. .-----. | sw1 +---+ sw2 +---+ sw3 | '-1-2-' '-1-2-' '-1-2-'...
CBL Mariner 2.0 Security Update: kernel (CVE-2024-50074)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50074 advisory. - In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-...
CVE-2024-50074
An out-of-bounds array access memory flaw was found in the Linux kernel. When snprintf returns the would-be-printed size, not the actual output size, the length calculation can still go over the given limit and cause an overflow, resulting in loss of availability of the system. Mitigation...
CVE-2024-50074
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...
CVE-2024-50074 parport: Proper fix for array out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...
CVE-2024-50074
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...
CVE-2024-41028
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibaacpi: Fix array out-of-bounds access In order to use toshibadmiquirks together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array...
CVE-2024-41028
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibaacpi: Fix array out-of-bounds access In order to use toshibadmiquirks together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array...
CVE-2024-41028
CVE-2024-41028 affects the Linux kernel (platform/x86) where the Toshiba ACPI quirk list lacked a terminating entry, causing an array out-of-bounds access during processing. The issue’s root cause is the missing terminating empty entry; remediation is to add the terminating entry. The CVSSv3.1 im...
CVE-2024-41028 platform/x86: toshiba_acpi: Fix array out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibaacpi: Fix array out-of-bounds access In order to use toshibadmiquirks together with the standard DMI matching functions, it must be terminated by a empty entry. Since this entry is missing, an array...
SUSE-SU-2024:0605-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 20: bsc1219843 Security fixes: - CVE-2023-33850: Fixed information disclosure vulnerability due to the consumed GSKit library bsc1219843. - CVE-2024-20932: Fixed incorrect handling of ZIP files...
Important: Red Hat Security Advisory: java-21-openjdk security update
An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: java-17-openjdk security and bug fix update
An update for java-17-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: java-11-openjdk security update
An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Important: java-21-openjdk security update
The java-21-openjdk packages provide the OpenJDK 21 Java Runtime Environment and the OpenJDK 21 Java Software Development Kit. Security Fixes: OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing side-channel...
Design/Logic Flaw
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service array out-of-bounds access and application crash via a crafted .aiff file...
CVE-2018-13121
CVE-2018-13121 affects RealOne Player 2.0 Build 6.0.11.872, where processing a specially crafted .aiff file can cause a denial of service via array out-of-bounds access, resulting in an application crash. The entry documents this vulnerability and provides CVSS metrics (CVSS2: 4.3/10; CVSS3: 5.5/...
CVE-2018-3576
improper validation of array index in WiFi driver function sapInterferenceRssiCount leads to array out-of-bounds access in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel...