13 matches found
Astra Linux - уязвимость в linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: x86/MCE/AMD: Use a u64 type for the bankmap. The maximum number of MCA banks is 64 MAXNRBANKS. See a0bc32b3cacf “x86/mce: Increase the maximum number of banks to 64”. However, the bankmap, which contains a bitfield indicating whi...
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate functions There are cases in the compensate functions of the driver that there could be overflows of variables due to bit shifting ops. These implications were initially discusse...
SUSE CVE-2024-42066
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast tbo-pagealignment to u64 before bit-shifting to prevent overflow when assigning to minpagesize...
CVE-2024-42086 iio: chemical: bme680: Fix overflows in compensate() functions
In the Linux kernel, the following vulnerability has been resolved: iio: chemical: bme680: Fix overflows in compensate functions There are cases in the compensate functions of the driver that there could be overflows of variables due to bit shifting ops. These implications were initially discusse...
CVE-2024-42066
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast tbo-pagealignment to u64 before bit-shifting to prevent overflow when assigning to minpagesize...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not explicitly converting tbo-pagealignment to u64 when calculating page sizes, resulting in a possible...
Due to bit-shifting errors, reserve amounts in the pump will be corrupted, resulting in wrong oracle values
Lines of code Vulnerability details Description It is advised to first read finding: Due to slot confusion, reserve amounts in the pump will be corrupted, resulting in wrong oracle values, which provides all the contextual information for this separate bug. We've discussed how a wrong sload sourc...
GHSA-M9M5-CG5H-R582 Improper random number generation in nanorand
In versions of nanorand prior to 0.5.1, RandomGen implementations for standard unsigned integers could fail to properly generate numbers, due to using bit-shifting to truncate a 64-bit number, rather than just an as conversion. This often manifested as RNGs returning nothing but 0, including the...
nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers
In versions of nanorand prior to 0.5.1, RandomGen implementations for standard unsigned integers could fail to properly generate numbers, due to using bit-shifting to truncate a 64-bit number, rather than just an as conversion. This often manifested as RNGs returning nothing but 0, including the...
RUSTSEC-2020-0089 nanorand 0.5.0 - RNGs failed to generate properly for non-64-bit numbers
In versions of nanorand prior to 0.5.1, RandomGen implementations for standard unsigned integers could fail to properly generate numbers, due to using bit-shifting to truncate a 64-bit number, rather than just an as conversion. This often manifested as RNGs returning nothing but 0, including the...
CVE-2013-4206
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting...
CVE-2013-4206
Heap-based buffer underflow in the modmul function in sshbn.c in PuTTY before 0.63 allows remote SSH servers to cause a denial of service crash and possibly trigger memory corruption or code execution via a crafted DSA signature, which is not properly handled when performing certain bit-shifting...
ProtWare HTML Guardian 6.x - Encryption
source: https://www.securityfocus.com/bid/7169/info A weakness has been reported in the encryption scheme used by ProtWare HTML Guardian. Specifically, the encryption scheme implemented obfuscates data using a simple bit shifting technique, making it trivial for attackers to reverse. Administrato...