CVE-2021-47182 scsi: core: Fix scsi_mode_sense() buffer length handling

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense buffer length handling: 1 The allocation length field of the MODE SENSE10 command is 16-bits, occupying bytes 7 and 8 of the CDB. With...

CVE-2021-47182 scsi: core: Fix scsi_mode_sense() buffer length handling

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense buffer length handling: 1 The allocation length field of the MODE SENSE10 command is 16-bits, occupying bytes 7 and 8 of the CDB. With...

CVE-2021-47182

The CVE-2021-47182 entry concerns the Linux kernel scsi_mode_sense() implementation. Affected component: scsi core. Issues: improper handling of the MODE SENSE(10) allocation length field (16-bit, truncating lengths >255) and buffer length adjustments that could corrupt memory when len is too ...

CVE-2021-47182

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense buffer length handling: 1 The allocation length field of the MODE SENSE10 command is 16-bits, occupying bytes 7 and 8 of the CDB. With...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a mishandling of the scsimodesense buffer length function, resulting in a security hole...

AZL-37068 CVE-2024-29195 affecting package azure-iot-sdk-c for versions less than 2022.01.21-4

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...

AZL-70178 CVE-2024-29195 affecting package python-uamqp 1.5.1-4

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...

UBUNTU-CVE-2024-29195

The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to...

Important: firefox

Issue Overview: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. CVE-2024-1546 Through a series of API calls and...

SUSE CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

Mozilla Firefox Out-of-Bounds Read Vulnerability (CNVD-2024-12552)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from an out-of-bounds read vulnerability that originates from a buffer length that may be obfuscated when data is stored and re-accessed over a network channel, which can be...

DEBIAN-CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

UBUNTU-CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emacmactxbufsend In emacmactxbufsend, it calls emactxfilltpd..,skb,... If some error happens in emactxfilltpd, the skb will be freed via devkfreeskbskb in error branch of emactxfilltpd...

Mozilla: Out-of-bounds memory read in networking channels

The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

Mozilla: Out-of-bounds memory read in networking channels

The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

Mozilla: Out-of-bounds memory read in networking channels

The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

Mozilla: Out-of-bounds memory read in networking channels

The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

Mozilla: Out-of-bounds memory read in networking channels

The Mozilla Foundation Security Advisory describes this flaw as: When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read...

RHEL 9 : thunderbird (RHSA-2024:0984)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0984 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.8.0. Security Fixes: Mozilla:...

SUSE CVE-2024-1546

When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8...