CVE-2025-37810 usb: dwc3: gadget: check that event count does not exceed event buffer length

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is read from register DWC3GEVNTCOUNT. There is a check for the count being zero, but not for exceeding the event buffer length. Check...

GHSA-WHXR-3P84-RF3C Apache ActiveMQ: Unchecked buffer length can cause excessive memory allocation

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...

CVE-2024-49829

Memory corruption can occur during context user dumps due to inadequate checks on buffer length...

CVE-2024-49829

Memory corruption can occur during context user dumps due to inadequate checks on buffer length...

CVE-2024-49829

CVE-2024-49829 describes a memory corruption in Qualcomm chipsets during contextual user dumps caused by inadequate checks on buffer length. Connected sources attribute the issue to the camera subsystem (buffer copy without checking size) with local attacker requirements (local access, low comple...

PT-2025-19859 · Qualcomm · Snapdragon +10

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: Memory corruption can occur during user context dumps due to inadequate checks on buffer length. This issue is related to improper handling of buffer lengths, which can lead to memory...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a lack of buffer length checking during contextual user dumps, which could lead to memory corruption...

SUSE CVE-2023-53068

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...

CVE-2023-53133

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup - CPU3 stuck for 27s!...

CVE-2023-53062

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory conten...

CVE-2023-53133 bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup - CPU3 stuck for 27s!...

CVE-2023-53133 bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsgparser When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem: watchdog: BUG: soft lockup - CPU3 stuck for 27s!...

The vulnerability of the SNMP protocol implementation in Cisco IOS and IOS XE operating systems allows a intruder to trigger a service failure.

The vulnerability of the SNMP protocol implementation in Cisco IOS and IOS XE operating systems is related to access to the buffer with an incorrect length value. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

The vulnerability of the SNMP protocol implementation in Cisco IOS and IOS XE operating systems allows a intruder to trigger a service failure.

The vulnerability of the SNMP protocol implementation in Cisco IOS and IOS XE operating systems is related to access to the buffer with an incorrect length value. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

kernel: wifi: ath11k: decrease MHI channel buffer length to 8KB

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: decrease MHI channel buffer length to 8KB The Linux kernel CVE team has assigned CVE-2024-35938 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051918-CVE-2024-35938-0100@gregkh/T...

Juniper Networks Junos OS和Juniper Networks Junos OS Evolved 安全漏洞

Juniper Networks Junos OS and Juniper Networks Junos OS Evolved are both products of Juniper Networks, Inc.Juniper Networks Junos OS is a network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. Juniper...

SUSE CVE-2025-2721

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the call is invalid as the buffer pointed to by "data" must have "len" valid bytes."...

SUSE CVE-2025-2723

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: The code maintainer explains that "the call is invalid as the buffer pointed to by "data" must have "len" valid bytes."...

UBUNTU-CVE-2025-2720

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: According to the code maintainer the call of the POC is invalid because the buffer pointed to by "data...

OESA-2025-1321 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs: Ensure 'ibsge list' is accessible Move the declaration of the 'ibsge list' variable outside the 'alwaysinvalidate' block to ensure it remains accessib...