10963 matches found
CVE-2025-39823 KVM: x86: use array_index_nospec with indices that come from guest
In the Linux kernel, the following vulnerability has been resolved: KVM: x86: use arrayindexnospec with indices that come from guest min and destid are guest-controlled indices. Using arrayindexnospec after the bounds checks clamps these values to mitigate speculative execution side-channels...
DEBIAN-CVE-2023-53273
In the Linux kernel, the following vulnerability has been resolved: Drivers: vmbus: Check for channel allocation before looking up relids relid2channel assumes vmbus channel array to be allocated when called. However, in cases such as kdump/kexec, not all relids will be reset by the host. When th...
Linux Distros Unpatched Vulnerability : CVE-2022-50315
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS UBSAN complains about array-index-out-of-bounds: 1.980703 kernel: UBSAN: array-index-out-of-bounds in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not using arrayindexnospec for indexes from clients, which could lead to a speculative execution side-channel...
SUSE CVE-2023-53238
In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisiinnophyprobe The size of array 'priv-ports' is INNOPHYPORTNUM. In the for loop, 'i' is used as the index for array 'priv-ports' with a check i INNOPHYPORTNUM which indicates that...
CVE-2023-53238
In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisiinnophyprobe The size of array 'priv-ports' is INNOPHYPORTNUM. In the for loop, 'i' is used as the index for array 'priv-ports' with a check i INNOPHYPORTNUM which indicates that...
CVE-2022-50315
In the Linux kernel, the following vulnerability has been resolved: ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS UBSAN complains about array-index-out-of-bounds: 1.980703 kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 1.980709 kernel:...
UBUNTU-CVE-2023-53238
In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisiinnophyprobe The size of array 'priv-ports' is INNOPHYPORTNUM. In the for loop, 'i' is used as the index for array 'priv-ports' with a check i INNOPHYPORTNUM which indicates that...
CVE-2022-50315 ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS
In the Linux kernel, the following vulnerability has been resolved: ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS UBSAN complains about array-index-out-of-bounds: 1.980703 kernel: UBSAN: array-index-out-of-bounds in /build/linux-9H675w/linux-5.15.0/drivers/ata/libahci.c:968:41 1.980709 kernel:...
USN-7751-1: SQLite vulnerability
It was discovered that the FTS5 SQLite extension incorrectly calculated certain array lengths. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7751-1 sqlite3 vulnerability
It was discovered that the FTS5 SQLite extension incorrectly calculated certain array lengths. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...
CVE-2023-53238 phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()
In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisiinnophyprobe The size of array 'priv-ports' is INNOPHYPORTNUM. In the for loop, 'i' is used as the index for array 'priv-ports' with a check i INNOPHYPORTNUM which indicates that...
CVE-2022-50263
CVE-2022-50263 concerns the Linux kernel component vdpasim. The vulnerability stems from a memory leak when freeing IOTLBs: after the commit that added control virtqueue support, vdpasim->iommu became an array of IOTLBs, and mappings must be cleaned for each free IOTLB rather than deleting onl...
CVE-2023-53195
In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxswmlinecardsinit The line cards array is not freed in the error path of mlxswmlinecardsinit, which can lead to a memory leak. Fix by freeing the array in the error path, thereby...
UBUNTU-CVE-2023-53195
In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxswmlinecardsinit The line cards array is not freed in the error path of mlxswmlinecardsinit, which can lead to a memory leak. Fix by freeing the array in the error path, thereby...
UBUNTU-CVE-2023-53181
In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: Stop leaking on krealloc failure Currently dmaresvgetfences will leak the previously allocated array if the fence iteration got restarted and the kreallocarray fails. Free the old array by hand, and make sure we...
CVE-2023-53195 mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init
In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxswmlinecardsinit The line cards array is not freed in the error path of mlxswmlinecardsinit, which can lead to a memory leak. Fix by freeing the array in the error path, thereby...
CVE-2023-53181 dma-buf/dma-resv: Stop leaking on krealloc() failure
In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: Stop leaking on krealloc failure Currently dmaresvgetfences will leak the previously allocated array if the fence iteration got restarted and the kreallocarray fails. Free the old array by hand, and make sure we...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized array access and could lead to a filename handling exception...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from improper array bounds checking, which could lead to out-of-bounds writes...