SUSE SLES15 Security Update : kernel (Live Patch 5 for SLE 15 SP5) (SUSE-SU-2024:1251-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1251-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

SUSE-SU-2024:1251-1 Security update for the Linux Kernel (Live Patch 5 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005528 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

SUSE-SU-2024:1249-1 Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059130 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

SUSE-SU-2024:1236-1 Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050053 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability in...

SUSE-SU-2024:1246-1 Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059115 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

SUSE SLES15 Security Update : kernel RT (Live Patch 0 for SLE 15 SP5) (SUSE-SU-2024:1181-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1181-1 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of t...

SUSE-SU-2024:1183-1 Security update for the Linux Kernel RT (Live Patch 3 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001311 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability i...

SUSE-SU-2024:1181-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-15050011 fixes several issues. The following security issues were fixed: - CVE-2024-0565: Fixed an out-of-bounds memory read flaw in receiveencryptedstandard in fs/smb/client/smb2ops.c bsc1219078. - CVE-2023-42753: Fixed an array indexing vulnerability in...

The vulnerability of the `on_receive_session_packet_ack` function in the `libv2_sdk.so` library of DJI’s quadrocopters—such as the DJI Mavic 3 Pro, DJI Mavic 3, DJI Mavic 3 Classic, DJI Mavic 3 Enterprise, DJI Matrice 300, DJI Matrice M30, DJI Mavic Mini 3 Pro—allows a intruder to disclose protected information or execute arbitrary code.

The vulnerability of the onreceivesessionpacketack function in the libv2sdk.so library of DJI’s quadrocopters, such as the DJI Mavic 3 Pro, DJI Mavic 3, DJI Mavic 3 Classic, DJI Mavic 3 Enterprise, DJI Matrice 300, DJI Matrice M30, and DJI Mavic Mini 3 Pro, is related to unvalidated array indexin...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an out-of-bounds problem with array indexing...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1275)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2024-1275)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvbcaen50221.c, a use-after-free can occur is there is a...

BIT-TENSORFLOW-2020-15211 Out of bounds access in tensorflow-lite

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indice...

The vulnerability of the do_format function in the ataflop component of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the doformat function in the ataflop component of the Linux operating system’s kernel is related to unvalidated array indexing. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

RHEL 7 : kernel (RHSA-2024:0999)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0999 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net/sched: clsu32 component...

PYSEC-2024-150

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...

CVE-2024-24563 Vyper array negative index vulnerability

Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an int as an index for an array. The typechecker allows the usage of...

RHEL 8 : kernel (RHSA-2024:0562)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0562 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: bpf: Incorrect verifier prunin...

Oracle Linux 9 : kernel (ELSA-2024-12094)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12094 advisory. - nfp: fix use-after-free in areacacheget Jialiang Wang CVE-2022-3545 - drivers: net: slip: fix NPD bug in sltxtimeout Duoming Zhou CVE-2022-41858 -...

CentOS 7 : kpatch-patch (RHSA-2024:0371)

The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0371 advisory. - An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the h-nets array...