UBUNTU-CVE-2024-50291

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: add missing buffer index check dvbvb2expbuf didn't check if the given buffer index was for a valid buffer. Add this check...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that originates in the media:mediatek:vcodec module in mtkvcodecmemfree, which sometimes fails to check if a buffer is NULL,...

The vulnerability of the BIOS microprogramming software in Dell PowerEdge servers and Dell Precision Rack workstations allows a hacker to write arbitrary data into the SMRAM (System Management RAM) area.

The vulnerability of the BIOS software of Dell PowerEdge servers and Dell Precision Rack workstations is related to chips during the checking of the SMM connection buffer. Exploiting this vulnerability allows an attacker to write arbitrary data into the SMRAM System Management RAM area...

DEBIAN-CVE-2023-32726

The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server...

CVE-2023-32726

CVE-2023-32726 affects Zabbix (DNS response handling). Root cause: improper check for RDLENGTH can cause a buffer overread when parsing DNS responses. Impacts Zabbix servers/agents using vulnerable code paths as described. Remediation: upgrade to affected package versions. Fedora 38 advisory fixe...

CVE-2023-45676 Multi-byte write heap buffer overflow in start_decoder in stb_vorbis

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendori = get8packetf;. The root cause is an integer overflow in setupmalloc. A sufficiently large value in the variable sz overflows with sz+7 in and the negative...

CLSA-2023-1697575950 Fix CVE(s): CVE-2023-4504

SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2023-4504.patch: check for end of buffer if there is an escaped character - CVE-2023-4504...

CVE-2023-28577

In the function call related to CAMREQMGRRELEASEBUF there is no check if the buffer is being used. So when a function called cammemgetcpubuf to get the kernel va to use, another thread can call CAMREQMGRRELEASEBUF to unmap the kernel va which cause UAF of the kernel address...

SUSE-SU-2022:4224-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2022-39318: Fixed division by zero in urbdrc bsc1205563. - CVE-2022-39319: Fixed missing input buffer length check in urbdrc bsc1205564...

CVE-2022-36052 Out-of-bounds read when decompressing UDP header

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. The 6LoWPAN implementation in Contiki-NG may cast a UDP header structure at a certain offset in a packet buffer. The code does not check whether the packet buffer is large enough to fit a full UDP heade...

CVE-2019-14112

Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...

Integer overflow

In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

wifirxpower - Local Buffer Overflow (PoC)

Title: wifirxpower - Local Stack Based Buffer Overflow + Credits / Discovery: Nassim Asrir + Author Email: [email protected] || https://www.linkedin.com/in/nassim-asrir-b73a57122/ + Author Company: Henceforth + CVE: N/A Vendor: =============== https://github.com/cnlohr/wifirxpower Download:...

USN-1160-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...