772 matches found
CVE-2024-8798
Affected product: Zephyr RTOS (bluetooth OTS client). Vulnerable component/function: olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. Root cause: improper validation of the length of user input. Impact: availability impact listed as HIGH; confidentiality and integrity not af...
CVE-2024-8798 Bluetooth: classic: avdtp: missing buffer length check
No proper validation of the length of user input in olcpindhandler in zephyr/subsys/bluetooth/services/ots/otsclient.c...
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
Important: ghostscript
Issue Overview: PS interpreter - check the type of the Pattern Implementation NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707991 NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8 NOTE:...
kernel: net: avoid potential underflow in qdisc_pkt_len_init() with UFO
In the Linux kernel, the following vulnerability has been resolved: net: avoid potential underflow in qdiscpktleninit with UFO After commit 7c6d2ecbda83 "net: be more gentle about silly gso requests coming from user" virtionethdrtoskb had sanity check to detect malicious attempts from user space ...
kernel: netfilter: nft_payload: sanitize offset and length before calling skb_checksum()
An incorrect buffer length flaw was found in the Linux kernel's netfilter subsystem. A local user could trigger the nftpayloadseteval function and use this issue to crash the system...
CVE-2024-50251
An incorrect buffer length flaw was found in the Linux kernel's netfilter subsystem. A local user could trigger the nftpayloadseteval function and use this issue to crash the system...
SUSE CVE-2024-53083
In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdrlen/txbuflen earlier If the read of USBPDPHYRXACKNOWLEDGEREG failed, then hdrlen and txbuflen are uninitialized. This commit stops to print uninitialized value and misleading/false data...
DEBIAN-CVE-2024-53083
In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdrlen/txbuflen earlier If the read of USBPDPHYRXACKNOWLEDGEREG failed, then hdrlen and txbuflen are uninitialized. This commit stops to print uninitialized value and misleading/false data...
AZL-53843 CVE-2024-53083 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: usb: typec: qcom-pmic: init value of hdrlen/txbuflen earlier If the read of USBPDPHYRXACKNOWLEDGEREG failed, then hdrlen and txbuflen are uninitialized. This commit stops to print uninitialized value and misleading/false data...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninitialized value of hdrlen/txbuflen...
kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB The Linux kernel CVE team has assigned CVE-2024-35938 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35938-0100@gregkh/T...
kernel: net: usb: lan78xx: Limit packet length to skb->len
In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...
CVE-2024-46956
An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution...
UBUNTU-CVE-2024-50251
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftpayload: sanitize offset and length before calling skbchecksum If access to offset + length is larger than the skbuff length, then skbchecksum triggers BUGON. skbchecksum internally subtracts the length parameter...
SUSE CVE-2024-50131
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL...
AZL-52329 CVE-2024-50131 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL...
CVE-2024-50131
CVE-2024-50131 affects the Linux kernel tracing subsystem, where length validation for events didn’t account for the NULL terminator. strlen() reports length excluding the trailing null, so if the string length equals the maximum buffer, there is no room for the NULL terminator, allowing potentia...
CVE-2024-50131 tracing: Consider the NULL character when validating the event length
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length strlen returns a string length excluding the null byte. If the string length equals to the maximum buffer length, the buffer will have no space for the NULL...
SUSE CVE-2024-49938
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim has a sanity check on the existing length of the skb, which can be uninitialised in some error paths. The intent here is clearly ju...