CVE-2024-56572

CVE-2024-56572 : In the Linux kernel, the media: platform: allegro-dvt path fixes a memory-leak in allocate_buffers_internal(). The buffer allocated in the loop may leak if not released on the exception path; the fix ensures the buffer is freed when allegro_alloc_buffer fails. This addresses a lo...

CVE-2024-56572 media: platform: allegro-dvt: Fix possible memory leak in allocate_buffers_internal()

In the Linux kernel, the following vulnerability has been resolved: media: platform: allegro-dvt: Fix possible memory leak in allocatebuffersinternal The buffer in the loop should be released under the exception path, otherwise there may be a memory leak here. To mitigate this, free the buffer wh...

CVE-2024-53213

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xxprobe, the buffer buf was being freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag and again explicitly by...

DEBIAN-CVE-2024-53213

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xxprobe, the buffer buf was being freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag and again explicitly by...

UBUNTU-CVE-2024-53213

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xxprobe, the buffer buf was being freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag and again explicitly by...

CVE-2024-53213 net: usb: lan78xx: Fix double free issue with interrupt buffer allocation

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation In lan78xxprobe, the buffer buf was being freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag and again explicitly by...

Security Bulletin: Vulnerability in jetty-http affects IBM Integrated Analytics System[CVE-2023-36478]

Summary The jetty-http package is used by IBM Integrated Analytics System. IBM Integrated Anayltics System has addresed the applicable CVE CVE-2023-36478. Vulnerability Details CVEID:CVE-2023-36478 DESCRIPTION: Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow and...

kernel: tpm_tis_spi: Account for SPI header when allocating TPM SPI xfer buffer

In the Linux kernel, the following vulnerability has been resolved: tpmtisspi: Account for SPI header when allocating TPM SPI xfer buffer The TPM SPI transfer mechanism uses MAXSPIFRAMESIZE for computing the maximum transfer length and the size of the transfer buffer. As such, it does not account...

kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup

A security vulnerability has been discovered in the Linux kernel's XFS file system implementation, specifically within the xloglogrechblks function. This flaw arises from an inadequate log recovery buffer allocation during the processing of legacy header size adjustments. The vulnerability can be...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup

A security vulnerability has been discovered in the Linux kernel's XFS file system implementation, specifically within the xloglogrechblks function. This flaw arises from an inadequate log recovery buffer allocation during the processing of legacy header size adjustments. The vulnerability can be...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup

A security vulnerability has been discovered in the Linux kernel's XFS file system implementation, specifically within the xloglogrechblks function. This flaw arises from an inadequate log recovery buffer allocation during the processing of legacy header size adjustments. The vulnerability can be...

Security Bulletin: Vulnerability in Eclipse Jetty affects IBM watsonx.data

Summary Eclipse Jetty is vulnerable to a denial of service, caused by an integer overflow and buffer allocation in MetaDataBuilder.checkSize. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition. This can affect...

xfs: fix log recovery buffer allocation for the legacy h_size fixup

...

CVE-2024-45287

A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data...

CVE-2024-45287

A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data...

CVE-2024-45287

The CVE-2024-45287 issue is a FreeBSD libnv (nvlist) vulnerability caused by a malicious size value in a packed structure that can trigger an integer overflow, leading to a buffer that is too small for parsed data. Affects both kernel and userland; could allow memory overwrite and privilege escal...

CVE-2022-48932 net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, Fix slab-out-of-bounds in mlx5cmddrcreatefte When adding a rule with 32 destinations, we hit the following out-of-band access issue: BUG: KASAN: slab-out-of-bounds in mlx5cmddrcreatefte+0x18ee/0x1e70 This patch fixe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the allocation of insufficient buffers to hold the required operations...