PT-2024-37630 · Zephyr · Zephyr

Name of the Vulnerable Software and Affected Versions: Zephyr affected versions not specified Description: The issue occurs in the utf8 trunc function found in zephyr/lib/utils/utf8.c, where last byte p might point to the byte just before the string pointer if the string is empty. This is a buffe...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

kernel: net: amd-xgbe: Fix skb data length underflow

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : espeak-ng (SUSE-SU-2024:2632-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2632-1 advisory. - CVE-2023-49990: Fixed buffer overflow in SetUpPhonemeTable function at synthdata.c bsc1218010 ...

SUSE-SU-2024:2632-1 Security update for espeak-ng

This update for espeak-ng fixes the following issues: - CVE-2023-49990: Fixed buffer overflow in SetUpPhonemeTable function at synthdata.c bsc1218010 - CVE-2023-49991: Fixed stack-buffer-underflow exists in the function CountVowelPosition in synthdata.c bsc1218006 - CVE-2023-49992: Fixed...

kernel: net: amd-xgbe: Fix skb data length underflow

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length...

CBL Mariner 2.0 Security Update: c-ares / fluent-bit / grpc / nodejs (CVE-2023-31130)

The version of c-ares / fluent-bit / grpc / nodejs installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-31130 advisory. - c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a...

SUSE CVE-2022-48743

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length...

UBUNTU-CVE-2022-48743

In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fix skb data length underflow There will be BUGON triggered in include/linux/skbuff.h leading to intermittent kernel panic, when the skb length underflow is detected. Fix this by dropping the packet if such length...

RHEL 7 : libxvmc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXvMC: Insufficient validation of server responses results in buffer underflow CVE-2016-7953 Note that Nessus has...

RHEL 9 : espeak-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - espeak-ng: buffer overflow in ReadClause function at readclause.c CVE-2023-49993 - Espeak-ng 1.52-dev was...

RHEL 8 : espeak-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - espeak-ng: buffer overflow in ReadClause function at readclause.c CVE-2023-49993 - Espeak-ng 1.52-dev was...

RHEL 6 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - mercurial:...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a buffer underflow in the nilfs2 module...

RHEL 5 : openssl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: doaproutch function does not verify that certain memory allocation succeeds CVE-2016-2842 -...

RHEL 9 : espeak-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - espeak-ng: buffer overflow in ReadClause function at readclause.c CVE-2023-49993 - Espeak-ng 1.52-dev was...

RHEL 6 : libxvmc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXvMC: Insufficient validation of server responses results in buffer underflow CVE-2016-7953 Note that Nessus has...

RHEL 8 : espeak-ng (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - espeak-ng: buffer overflow in ReadClause function at readclause.c CVE-2023-49993 - Espeak-ng 1.52-dev was...