UBUNTU-CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

CVE-2021-47366

Summary (CVE-2021-47366) : In the Linux kernel AFS client vulnerability, reads from an OpenAFS server could be corrupted when file positions or read lengths exceeded 2G, due to switching between FS.FetchData (signed 32-bit pos/len) and FS.FetchData64. The fix captures file server capabilities via...

DEBIAN-CVE-2024-27436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array...

UBUNTU-CVE-2024-27436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array...

CVE-2024-27436 ALSA: usb-audio: Stop parsing channels bits when all channels are found.

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array...

CVE-2024-27436

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Stop parsing channels bits when all channels are found. If a usb audio device sets more bits than the amount of channels it could write outside of the map array...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from resolving channel bits even after all channels have been found...

AZL-40540 CVE-2024-32615 affecting package hdf5 for versions less than 1.14.4.3-1

HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H5Znbitdecompressonebyte in H5Znbit.c, caused by the earlier use of an initialized pointer...

UBUNTU-CVE-2024-34244

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbuswritebits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors...

CVE-2024-34244

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbuswritebits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors...

PT-2024-25764 · Libmodbus · Libmodbus

Name of the Vulnerable Software and Affected Versions: libmodbus version 3.1.10 Description: The issue is a Buffer Overflow that can be triggered via the modbus write bits function when it is fed with specially crafted input. This leads to out-of-bounds read and can potentially cause a crash or...

Buildroot 安全漏洞

Buildroot is Buildroot's open source set of Makefiles and Patch files. It is used to simplify and automate the process of building a complete and bootable Linux environment for embedded systems. A security vulnerability exists in versions prior to Buildroot 0b2967e that stems from missing sticky...

No title provided

REJECTED CVE An issue was identified in the Linux kernel's netfilter subsystem related to nftables. The issue occurs when a positive value, such as NFACCEPT, is provided in the upper 16 bits of NFDROP verdict parameters, which are expected to contain valid errno values e.g., -EPERM. This improper...

Open Networking Foundation ONOS 安全漏洞

Open Networking Foundation ONOS is an open source SDN controller open sourced by Open Networking Foundation. It is used to build next-generation SDN/NFV solutions. A security vulnerability exists in Open Networking Foundation ONOS onos-lib-go version 0.10.25, which stems from an index out-of-boun...

CVE-2024-32883

MCUboot is a secure bootloader for 32-bits microcontrollers. MCUboot uses a TLV tag-length-value structure to represent the meta data associated with an image. The TLVs themselves are divided into two sections, a protected and an unprotected section. The protected TLV entries are included as part...

PT-2024-40040 · Gnu · Gmp

Name of the Vulnerable Software and Affected Versions: PHPECC affected versions not specified Description: The issue concerns malleable ECDSA signature attacks. When generating new ECDSA signatures, the use of the GMPMath adapter, which wraps the GNU Multiple Precision arithmetic library GMP,...

SUSE CVE-2024-32041

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate /gfx on by default, set /bpp or /rfx options...

The vulnerability of the idxd component in the Linux operating system’s kernel allows a hacker to disclose confidential information.

The vulnerability of the idxd component in the Linux operating system’s kernel is related to the re-writing of the SWERR and OVERFLOW bits. Exploiting this vulnerability can allow an attacker to disclose confidential information...

RHEL 8 : shim (RHSA-2024:1902)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1902 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

RHEL 8 : shim (RHSA-2024:1883)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1883 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...