onos-lib-go 输入验证错误漏洞

onos-lib-go is an open source library of utilities and convenience programs for developing µONOS components in Go from the µONOS Project. A security vulnerability exists in onos-lib-go version 0.10.28, which stems from an asn1/aper GetBitString that can cause an index out-of-bounds panic when...

Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Summary PickleScan fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully...

kernel: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells

In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...

mozilla -- 64 bit JIT WASM read on left over memory

[email protected] reports: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type...

SUSE CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

SUSE CVE-2022-49710

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

DEBIAN-CVE-2022-49710

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

AZL-68690 CVE-2022-49562 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

DEBIAN-CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

UBUNTU-CVE-2022-49562

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use trycmpxchguser to update guest PTE A/D bits Use the recently introduced trycmpxchguser to update guest PTE A/D bits instead of mapping the PTE into kernel address space. The VMPFNMAP path is broken as it assumes tha...

UBUNTU-CVE-2022-49710

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

CVE-2022-49659 can: m_can: m_can_{read_fifo,echo_tx_event}(): shift timestamp to full 32 bits

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: shift timestamp to full 32 bits In commit 1be37d3b0414 "can: mcan: fix periph RX path: use rx-offload to ensure skbs are sent from softirq context" the RX path for peripheral devices was...

CVE-2022-49659

CVE-2022-49659 : In the Linux kernel, the m_can RX path for peripheral CAN frames (read_fifo/echo_tx_event) was fixed by extending the core timestamps from 16 to 32 bits before passing to RX-offload. The patch in commit 1be37d3b0414 shifts 16-bit timestamps to full 32-bit to prevent overflow issu...

CVE-2022-49366 ksmbd: fix reference count leak in smb_check_perm_dacl()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix reference count leak in smbcheckpermdacl The issue happens in a specific path in smbcheckpermdacl. When "id" and "uid" have the same value, the function simply jumps out of the loop without decrementing the reference...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from dm-log not rounding the size of the regional bitmap to BITSPERLONG, which could lead to out-of-bounds access...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly updating the A/D bits of the guest PTE, which could result in accessing the wrong PFN...

Google Go 安全漏洞

Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google USA. A security vulnerability exists in Google Go that stems from the use of the variable time instruction in the ppc64le architecture, resulting in the disclosure of secret scalar...

Security update for python311, python-rpm-macros

This update for python311, python-rpm-macros fixes the following issues: python311: - CVE-2024-0450: Fixed zipfile module vulnerability with "quoted-overlap" zipbomb bsc1221854 - CVE-2024-4032: Fixed incorrect IPv4 and IPv6 private ranges bsc1226448 - CVE-2024-0397: Fixed memory race condition...

CVE-2024-49573 sched/fair: Fix NEXT_BUDDY

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXTBUDDY Adam reports that enabling NEXTBUDDY insta triggers a WARN in picknextentity. Moving clearbuddies up before the delayed dequeue bits ensures no -next buddy becomes delayed. Further ensure no new -next...