Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from not properly handling padding bits when decoding RTP packet headers, which could lead to information disclosure...

SUSE CVE-2023-53376

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

CVE-2023-53376

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

AZL-72325 CVE-2023-53376 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

CVE-2023-53376 scsi: mpi3mr: Use number of bits to manage bitmap sizes

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using byte as unit. However, bitmap helper functions assume that bitmaps are allocated using unsigned long...

CVE-2023-53376

CVE-2023-53376 affects the Linux kernel scsi mpi3mr driver, where bitmap sizing used bytes instead of bits caused slab-out-of-bounds access (notably during firmware download to eHBA-9600) via find_first_zero_bit() in mpi3mr_send_event_ack(). The fix switches bitmap management to number-of-bits ar...

DragonFly's manager generates mTLS certificates for arbitrary IP addresses

Impact A peer can obtain a valid TLS certificate for arbitrary IP addresses, effectively rendering the mTLS authentication useless. The issue is that the Manager’s Certificate gRPC service does not validate if the requested IP addresses “belong to” the peer requesting the certificate—that is, if...

GHSA-C2FC-9Q9C-5486 Dragonfly vulnerable to timing attacks against Proxy’s basic authentication

Impact The access control mechanism for the Proxy feature uses simple string comparisons and is therefore vulnerable to timing attacks. An attacker may try to guess the password one character at a time by sending all possible characters to a vulnerable mechanism and measuring the comparison...

DEBIAN-CVE-2023-53357

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because 'page = bitmap-pages', but the return value was not checked immediately in...

UBUNTU-CVE-2023-53357

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because 'page = bitmap-pages', but the return value was not checked immediately in...

CVE-2023-53357

CVE-2023-53357 affects the Linux kernel md/raid10 code. The slab-out-of-bounds occurs in md_bitmap_get_counter when a large value is written to md/bitmap_set_bits, causing -EINVAL if page >= bitmap->pages and the result isn’t checked promptly. The fix moves the page-boundary check into md_b...

CVE-2023-53357

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because 'page = bitmap-pages', but the return value was not checked immediately in...

CVE-2023-53333

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet says: nfconntrackdccppacket has an unique: dh = skbheaderpointerskb, dataoff, sizeofdh, &dh; And nothing more is 'pulled' from the...

DEBIAN-CVE-2025-39815

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand...

CVE-2025-39815 RISC-V: KVM: fix stack overrun when loading vlenb

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand...

CVE-2025-39815 RISC-V: KVM: fix stack overrun when loading vlenb

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand...

CVE-2023-53192 vxlan: Fix nexthop hash size

In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size The nexthop code expects a 31 bit hash, such as what is returned by fibmultipathhash and rt6multipathhash. Passing the 32 bit hash returned by skbgethash can lead to problems related to the fact that...

DEBIAN-CVE-2025-39784

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix link speed calculation on retrain failure When pciefailedlinkretrain fails to retrain, it tries to revert to the previous link speed. However it calculates that speed from the Link Control 2 register without masking out...

CVE-2025-39784

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix link speed calculation on retrain failure When pciefailedlinkretrain fails to retrain, it tries to revert to the previous link speed. However it calculates that speed from the Link Control 2 register without masking out...