61 matches found
CVE-2024-53203
In the Linux kernel, the following vulnerability has been resolved: usb: typec: fix potential array underflow in ucsiccgsynccontrol The "command" variable can be controlled by the user via debugfs. The worry is that if conindex is zero then "&uc-ucsi-connectorconindex - 1" would be an array...
CVE-2024-53203
CVE-2024-53203 is a Linux kernel issue: a potential array underflow in usb: typec ucsi_ccg_sync_control() could be triggered when the user controls the command via debugfs, if con_index is zero leading to an access of ucsi.connector[con_index-1]. The vulnerability is resolved in the Linux kernel;...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an array underflow problem in the usb:typec subsystem...
SUSE CVE-2024-53158
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
CVE-2024-53158
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
CVE-2024-53158
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
DEBIAN-CVE-2024-53158
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
UBUNTU-CVE-2024-53158
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
CVE-2024-53158 soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
CVE-2024-53158 soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
CVE-2024-53158
CVE-2024-53158 relates to the Linux kernel: in soc: qcom: geni-se, an array underflow in geni_se_clk_tbl_get() occurred because a loop’s break condition using clk_round_rate() poorly handled the first iteration, causing reads before the start of these->clk_perf_tbl[]. The issue was fixed in th...
CVE-2024-53158 soc: qcom: geni-se: fix array underflow in geni_se_clk_tbl_get()
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: geni-se: fix array underflow in geniseclktblget This loop is supposed to break if the frequency returned from clkroundrate is the same as on the previous iteration. However, that check doesn't make sense on the first...
kernel: amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
An array underflow vulnerability was found in the Linux kernel's AMD GPU power management driver. In vega20odneditdpmtable, the inputindex variable is validated to be at most 2 but is not checked for negative values. Since this value is user-controlled via sysfs, a user can provide a negative val...
libreoffice: Array index underflow in Calc formula parsing
A vulnerability was found in LibreOffice. Improper validation of the array index in the spreadsheet component of The Document Foundation in LibreOffice allows an attacker to craft a spreadsheet document that causes an array index underflow when loaded. In affected versions of LibreOffice, certain...
DEBIAN-CVE-2023-0950
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...
PT-2023-2958 · Document Foundation +9 · Libreoffice +9
Name of the Vulnerable Software and Affected Versions: LibreOffice versions 7.4.0 through 7.4.5 LibreOffice versions 7.5.0 through 7.5.0 Description: The issue is related to an improper validation of array index in the spreadsheet component, allowing an attacker to craft a malicious spreadsheet...
SUSE CVE-2018-16648
In Artifex MuPDF 1.13.0, the fzappendbyte function in fitz/buffer.c allows remote attackers to cause a denial of service segmentation fault via a crafted pdf file. This is caused by a pdf/pdf-device.c pdfdevalpha array-index underflow...
GSD-2023-1001472 amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
amdgpu/pm: prevent array underflow in vega20odneditdpmtable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001169 amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
amdgpu/pm: prevent array underflow in vega20odneditdpmtable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000772 amdgpu/pm: prevent array underflow in vega20_odn_edit_dpm_table()
amdgpu/pm: prevent array underflow in vega20odneditdpmtable This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...