CVE-2024-35802

A flaw was found in the Linux kernel. Incorrect position-dependent variable references in the startup code may lead to a crash...

CVE-2024-35802

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-35802

CVE-2024-35802 entry rejected by its CVE Numbering Authority.

CVE-2022-48689

CVE-2022-48689 pertains to a Linux kernel issue in TCP zerocopy where pfmemalloc status could be misinterpreted by page_is_pfmemalloc() in certain paths. The Astra Linux note confirms the advisory and reiterates the same vulnerability in the kernel and notes a prereq backport: 84ce071e38a6 (net: ...

CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report 1 showing a possible misuse of pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers, using...

CVE-2024-26992

The CVE-2024-26992 entry concerns the Linux kernel KVM: x86/pmu feature to disable adaptive PEBS. The advisory states that adaptive PEBS support is dropped due to architectural/breakage and because adaptive PEBS could leak host LBRs/addresses to guests. Root causes include: (1) improper handling ...

SUSE CVE-2021-47172

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...

CVE-2021-47172

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...

CVE-2021-47172 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...

BIT-TENSORFLOW-2021-29542 Heap buffer overflow in `StringNGrams`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to tf.rawops.StringNGrams. This is because the...

CVE-2019-25160

In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipsov4maplvlvalid, the other in netlblbitmapwalk. Both errors are embarassingly simple, and the fixes are straightforward. As ...

CVE-2019-25160

In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipsov4maplvlvalid, the other in netlblbitmapwalk. Both errors are embarassingly simple, and the fixes are straightforward. As ...

CVE-2019-25160

In the Linux kernel, the following vulnerability has been resolved: netlabel: fix out-of-bounds memory accesses There are two array out-of-bounds memory accesses, one in cipsov4maplvlvalid, the other in netlblbitmapwalk. Both errors are embarassingly simple, and the fixes are straightforward. As ...

CVE-2023-52340

The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c maxsize threshold that can be consumed easily, e.g., leading to a denial of service network is unreachable errors when IPv6 packets are sent in a loop via a raw socket...

CVE-2022-45142

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...

K37337112: Apache Tomcat vulnerability CVE-2017-6056

Security Advisory Description It was discovered that a programming error in the processing of HTTPS requests in the Apache Tomcat servlet and JSP engine may result in denial of service via an infinite loop. The denial of service is easily achievable as a consequence of backporting a CVE-2016-6816...

K55335001: Linux kernel vulnerability CVE-2019-15239

Security Advisory Description In the Linux kernel, a certain net/ipv4/tcpoutput.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to ...

SUSE CVE-2019-15902

A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptracegetdebugreg" commit reintroduced the...

SUSE CVE-2021-29522

TensorFlow is an end-to-end open source platform for machine learning. The tf.rawops.Conv3DBackprop operations fail to validate that the input tensors are not empty. In turn, this would result in a division by 0. This is because the...

SUSE CVE-2021-29561

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from tf.rawops.LoadAndRemapMatrix. This is because the...