11000 matches found
array-init-cursor is unsound when used with types that implement `Drop`
The Drop implementation will get run twice when using the cursor. This issue does not affect you, if you are using only using the crate with types that are Copy such as u8. This issue also does not affect you, if you are only depending on it through the crate planus...
CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
RHEL 8 : kernel-rt (RHSA-2025:3211)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3211 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...
RHEL 8 : kernel-rt (RHSA-2025:3264)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3264 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Securi...
RHEL 9 : kernel (RHSA-2025:3128)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3128 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds...
RHEL 8 : kernel (RHSA-2025:3209)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:3209 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: arm64: cacheinfo: Avoid out-of-bounds...
SUSE CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
SUSE CVE-2023-52988
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center...
SUSE CVE-2023-53000
In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...
Dell Unity 安全漏洞
Dell Unity is a mid-range storage array software from Dell EMC for data storage and management. Dell Unity suffers from an OS command injection vulnerability that can be exploited by an attacker to submit a special request to delete arbitrary files...
CVE-2023-52988
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center...
CVE-2023-52987
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...
CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
DEBIAN-CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
UBUNTU-CVE-2023-53000
In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from nlavalidateparse or validatenla u16 type = nlatypenla; if type == 0 || type maxtype / error or continue / @type is then used as a...
UBUNTU-CVE-2023-52988
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center...
UBUNTU-CVE-2022-49743
In the Linux kernel, the following vulnerability has been resolved: ovl: Use "buf" flexible array for memcpy destination The "buf" flexible array needs to be the memcpy destination to avoid false positive run-time warning from the recent FORTIFYSOURCE hardening: memcpy: detected field-spanning...
UBUNTU-CVE-2023-53010
In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic: detected buffer overflow in strnlen ... Call...
CVE-2023-52990
...
CVE-2023-52988 ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center...