4 matches found
CVE-2023-53331
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Check start of empty przs during init. After commit 30696378f68a "pstore/ram: Do not treat empty buffers as valid", initialization would assume a prz was valid after seeing that the buffer_size is zero regardless of the...
nodejs: memory corruption in napi_get_value_string_* functions
A flaw was found in nodejs. Calling napi_get_value_string_latin1, napi_get_value_string_utf8, or napi_get_value_string_utf16 with a non-NULL buf and a bufsize of 0 will cause the entire string value to be written to buf, probably overrunning the length of the buffer...
nodejs: memory corruption in napi_get_value_string_* functions
A flaw was found in nodejs. Calling napi_get_value_string_latin1, napi_get_value_string_utf8, or napi_get_value_string_utf16 with a non-NULL buf and a bufsize of 0 will cause the entire string value to be written to buf, probably overrunning the length of the buffer...
kernel: Incorrect type conversion for size during dma allocation
A flaw was found where the kernel truncated the value used to indicate the size of a buffer, which it would later zero using an untruncated value. This can corrupt memory outside of the original allocation...