kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

kernel: crypto: bcm - Fix pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - Fix pointer arithmetic In spu2dumpomd value of ptr is increased by ciphkeylen instead of hashivlen which could lead to going beyond the buffer boundaries. Fix this bug by changing ciphkeylen to hashivlen. Found by...

The vulnerability of MediaTek’s WLAN microprogramming software chip allows a hacker to execute arbitrary code.

The vulnerability of the WLAN microprogramming software of MediaTek’s chips lies in the fact that the execution of operations goes beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

The vulnerability of the btrfs component of the Linux operating system’s kernel, related to writing beyond the memory boundaries, allows a hacker to trigger a service failure.

The vulnerability of the btrfs component in Linux operating systems relates to the copying of overly large compressed segments. The compressed length may be corrupted, resulting in a much larger amount of memory being allocated for the buffer. Exploiting this vulnerability can allow an attacker t...

The vulnerability of the x86 IOMMU Identity Mapping component in the cross-platform hypervisor Xen allows a attacker to influence the confidentiality, integrity, and accessibility of the system.

The vulnerability of the x86 IOMMU Identity Mapping component in the cross-platform hypervisor Xen is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the...

The vulnerability in the alloc.c component of the Vim text editor allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability in the alloc.c component of the Vim text editor relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the occurrence of operations outside the buffer in memory, allows attackers to access confidential data.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to gain access to confidential data...

The vulnerability of the split_cmdline() function in the Git distributed version control system allows a hacker to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the splitcmdline function in the distributed version of Git’s version control system is related to the escape of operations beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause...

The vulnerability of the pspdf_prepare_outpages() function in the ps-pdf.cxx component of the HTMLDOC conversion tool allows a attacker to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the pspdfprepareoutpages function in the ps-pdf.cxx component of the HTMLDOC conversion tool is related to writing beyond buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to writing beyond the buffer boundary, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of Web page rendering modules in WebKitGTK and WPE WebKit relates to writing beyond the buffer boundaries. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

The vulnerability of the Adobe Photoshop graphic editor relates to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Adobe Photoshop graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, using a specially created malware file...

The vulnerability of Adobe After Effects’ video and dynamic image editing software arises from the possibility of operations going beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Adobe After Effects video and dynamic image editing software relates to the execution of operations beyond buffer boundaries in memory. Exploiting this vulnerability can allow attackers to gain unauthorized access to protected information through a specially created malicious...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the TCP/IP protocol implementation in Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the TCP/IP protocol implementation in Windows operating systems lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

ROS-20240916-10

A vulnerability in the ncwrapentry component of the library for controlling I/O to the terminal ncurses, is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to affect confidentiality, integrity, and availabili...

The vulnerability of the decode_status_report() function in the OFono mobile communication interface, related to the issue of operations going beyond the buffer in memory, allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the decodestatusreport function in the OFono mobile communication interface is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to access confidential data, compromise its integrity, and cause...

The vulnerability of Adobe InDesign’s computer layout automation tool, related to the execution of operations beyond buffer boundaries in memory, allows attackers to bypass the ASLR protection mechanism and gain unauthorized access to protected information.

The vulnerability of Adobe InDesign’s computer layout automation tool is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to bypass the ASLR protection mechanism and gain unauthorized access to protected informati...

ROS-20240911-09

Vulnerability of the pkgconftupleparse function libpkgconf/tuple.c of the software tool for setting flags for pkgconf development libraries is related to a buffer overrun. compiler and linker flags for pkgconf development libraries is related to the operation exceeding the buffer boundaries. in...

The vulnerability in Microsoft Edge’s Chromium-based browser occurs due to the execution of operations beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Edge based on Chromium is related to the issue of operations going beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Fedora: Security Advisory (FEDORA-2024-a84c59eedc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...