Improper Restriction of Operations within the Bounds of a Memory Buffer and Race Condition in crossbeam-utils

...

CVE-2024-4640

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable due to missing bounds checking on buffer operations. An attacker could write past the boundaries of allocated buffer regions in memory, causing a program crash...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from pointers being able to access memory outside of a buffer...

The vulnerability of the packet_buffer_get() function in the Linux operating system’s IEEE 1394 (FireWire) driver allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the packetbufferget function in the drivers/firewire/nosy.c module of the Linux IEEE 1394 FireWire driver is related to accessing memory beyond the permitted buffer data limits. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity...

The vulnerability of the sch_fragment() function in the net/sched/sch_frag.c module of the net/sched component in the Linux operating system’s kernel allows a attacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the schfragment function in the net/sched/schfrag.c module of the net/sched component of the Linux operating system is related to reading memory beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow an attacker to compromise the confidentiality...

The vulnerability of the Linux operating system’s kernel allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Linux operating system’s kernel is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Integer overflow

During the secure boot, bl2 the second stage of the bootloader loops over images defined in the table “bl2memparamsdescs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integ...

CVE-2024-1633 FIP Header Integer Overflow

During the secure boot, bl2 the second stage of the bootloader loops over images defined in the table “bl2memparamsdescs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integ...

CVE-2023-5643

Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel...

CVE-2023-5643 Mali GPU Kernel Driver allows improper GPU memory processing operations

Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel...

CVE-2023-6334

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers.This issue affects Workforce Access: before 8.7...

The vulnerability of the `nvmet_ctrl_find_get()` function in the `drivers/nvme/target/core.c` file of the NVMe-OFF/TCP subsystem in the Linux operating system allows a attacker to gain access to protected information.

The vulnerability of the nvmetctrlfindget function in the drivers/nvme/target/core.c file of the NVMe-OFF/TCP subsystem in the Linux operating system is related to reading beyond the bounds of a reserved buffer. Exploiting this vulnerability could allow an attacker, acting remotely, to gain acces...

The vulnerability of the yajl_buf.c component in the YAJL-ruby JSON library allows a hacker to gain access to confidential data.

The vulnerability of the yajlbuf.c component in the YAJL-ruby library relates to the situation where an operation is performed outside the buffer’s memory boundaries. Exploiting this vulnerability could allow a remote attacker to gain access to confidential data...

CVE-2023-34970

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

CVE-2023-34970 Mali GPU Kernel Driver Allows Improper GPU Memory Processing Operations

A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the system’s memory is carefully prepared by the user, then this in turn could give them access to already freed memory...

Panasonic Control FPWin Pro7

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Panasonic Equipment: Control FPWIN Pro7 Vulnerabilities: Type Confusion, Stack-based Buffer Overflow, Improper Restriction of Operations within the Bounds of a Memory Buffer 2. RISK EVALUATION Successful exploitation of...

Input validation

Insufficient input validation in the SMU may enable a privileged attacker to write beyond the intended bounds of a shared memory buffer potentially leading to a loss of integrity...

Design/Logic Flaw

An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0...

CVE-2023-25755

Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer CWE-119 due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project...

PT-2023-3074 · 3S Smart Software Solutions · Codesys Control

Name of the Vulnerable Software and Affected Versions: CODESYS Control versions affected versions not specified Description: The issue is related to an improper restriction of operations within the bounds of a memory buffer, which can be exploited by a remote attacker with user privileges to gain...