kernel: dm mirror log: round up region bitmap size to BITS_PER_LONG

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

kernel: NFSD: Fix exposure in nfsd4_decode_bitmap()

REJECTED CVE In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix exposure in nfsd4decodebitmap The Linux kernel CVE team has assigned CVE-2021-47213 to this issue...

CVE-2022-3649

A flaw was found in the NILFS2 file system implementation in the Linux kernel. If the beginning of the inode bitmap area was corrupted on disk, an inode with the same inode number as the root inode could be allocated and fail soon after. The subsequent call to nilfsclearinode wrongly decremented...

PT-2024-11228 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel related to the NFSD, specifically in the nfsd4 decode bitmap function. The issue was reported by [email protected]. Recommendation...

Amazon Linux 2022 : autotrace, autotrace-devel (ALAS2022-2022-160)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-160 advisory. A biWidthbiBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image. CVE-2019-19004 A bitmap doubl...

EulerOS 2.0 SP8 : freerdp (EulerOS-SA-2022-2457)

According to the versions of the freerdp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In FreeRDP before version 2.1.2, there is a global OOB read in updatereadcachebitmapv3order. As a workaround, one can disable bitmap cache with...

GSD-2022-1005913 md-raid: destroy the bitmap after destroying the thread

md-raid: destroy the bitmap after destroying the thread This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.137 by commit...

GSD-2022-1005739 Revert "md-raid: destroy the bitmap after destroying the thread"

Revert "md-raid: destroy the bitmap after destroying the thread" This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.140 by commit...

GSD-2022-1005676 md-raid: destroy the bitmap after destroying the thread

md-raid: destroy the bitmap after destroying the thread This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.61 by commit...

PT-2022-33934 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.61 Description: The issue concerns the md-raid component, where the bitmap is not properly destroyed after the thread is destroyed. This is an automated ID intended to aid in discovery of potential securit...

GSD-2022-1005350 md-raid: destroy the bitmap after destroying the thread

md-raid: destroy the bitmap after destroying the thread This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.2 by commit...

[SECURITY] Fedora 37 Update: autotrace-0.31.9-1.fc37

AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...

Fedora: Security Advisory for autotrace (FEDORA-2022-6813a0eb99)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: autotrace-0.31.9-1.fc36

AutoTrace is a program for converting bitmaps to vector graphics. Supported input formats include BMP, TGA, PNM, PPM, and any format supported by ImageMagick, whereas output can be produced in Postscript, SVG, xfig, SWF, and others...

CVE-2022-25659

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

Memory corruption

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

CVE-2022-25659

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables...

PT-2022-17440 · Qualcomm · Snapdragon Connectivity +7

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Consumer IOT affected versions not specified Snapdragon Industrial IOT...

CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...

DEBIAN-CVE-2022-1325

A flaw was found in Clmg, where with the help of a maliciously crafted pandore or bmp file with modified dx and dy header field values it is possible to trick the application into allocating huge buffer sizes like 64 Gigabyte upon reading the file from disk or from a virtual buffer...