An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks a random number generator may be seeded with too little data.

...

UBUNTU-CVE-2024-38621

In the Linux kernel, the following vulnerability has been resolved: media: stk1160: fix bounds checking in stk1160copyvideo The subtract in this condition is reversed. The -length is the length of the buffer. The -bytesused is how many bytes we have copied thus far. When the condition is reversed...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the afnetlink component's lack of a length check on skb...

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write...

SAMSUNG Mobile Processor Security Vulnerability

SAMSUNG Mobile Processor is a family of mobile processors from Samsung South Korea. A security vulnerability exists in SAMSUNG Mobile Processor that stems from a lack of proper buffer length checking, which could result in out-of-bounds writes...

CVE-2024-31956

CVE-2024-31956 affects Samsung Mobile Processor Exynos 2200, Exynos 1480, and Exynos 2400. The issue is improper buffer length checking that can cause an Out-of-Bounds Write in these components. Public technical details in connected documents identify the affected products and the root cause (buf...

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write...

CVE-2024-31956

An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write...

SUSE CVE-2024-35938

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...

CVE-2024-35938

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...

DEBIAN-CVE-2024-35938

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...

CVE-2024-35938

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...

CVE-2024-35938

CVE-2024-35938 : Linux kernel wifi/ath11k MHI channel buffers were reduced from the default 64KB to 8KB by setting buf_len to 8KB for QCA6390/WCN6855. This avoids large allocations that can fail under memory fragmentation when memory compaction/reclaim is not allowed, reducing risk of page‑alloca...

CVE-2024-35938 wifi: ath11k: decrease MHI channel buffer length to 8KB

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB Currently buflen field of ath11kmhiconfigqca6390 is assigned with 0, making MHI use a default size, 64KB, to allocate channel buffers. This is likely to fail in some scenari...

OESA-2024-1571 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense buffer length handling: 1 The allocation length field of the MODE...

OESA-2024-1570 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense buffer length handling: 1 The allocation length field of the MODE...

OESA-2024-1568 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense buffer length handling: 1 The allocation length field of the MODE...

DEBIAN-CVE-2024-26994

In the Linux kernel, the following vulnerability has been resolved: speakup: Avoid crash on very long word In case a console is set up really large and contains a really long word 256 characters, we have to stop before the length of the word buffer...

UBUNTU-CVE-2024-26952

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to -Buffer offset to...

CVE-2024-32017

CVE-2024-32017 affects RIOT OS. The issue is a buffer overflow in gcoap DNS server proxy logic: a typo causes a length check of _uri instead of _proxy, risking overflow in subsequent strcpy. Additionally, _gcoap_forward_proxy_copy_options() lacks explicit bounds before copying into cep->req_et...