DEBIAN-CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

ALPINE-CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319 Linux: buffer overrun in netback due to unusual packet

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319 Linux: buffer overrun in netback due to unusual packet

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

CVE-2023-34319

CVE-2023-34319 is a Linux kernel netback driver buffer overrun caused by an edge case where an entire packet is fragmented into the maximum pieces yet remains smaller than the area that preserves all headers together, after the XSA-423 fix. Exploitation could enable local denial-of-service or ins...

CVE-2023-34319

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many piece...

OESA-2023-1678 opensc security update

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to sma...

OESA-2023-1679 opensc security update

OpenSC provides a set of libraries and utilities to work with smart cards. Its main focus is on cards that support cryptographic operations, and facilitate their use in security applications such as authentication, mail encryption and digital signatures. OpenSC implements the standard APIs to sma...

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization product lifecycle management system allows a hacker to execute arbitrary code.

The vulnerability of Parasolid’s 3D geometric modeling tool and the Teamcenter Visualization lifecycle management system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow attackers to execute arbitrary code...

SUSE-SU-2023:3600-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-2007: Fixed a flaw in the DPT I2O Controller driver that could allow an attacker to escalate privileges and execute arbitrary code in the context of...

The vulnerability of the LibRaw::stretch() function in the LibRaw image processing library allows a attacker to cause a service failure.

The vulnerability of the LibRaw::stretch function in the image processing library LibRaw is related to the situation where the operation’s output goes beyond the buffer boundaries in memory when processing CRW files. Exploiting this vulnerability could allow a remote attacker to cause service...

The vulnerability of the ares_parse_soareply() function in the C-ares asynchronous DNS request library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the aresparsesoareply function in the C-ares library related to the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the econf_writeFile() function in the libeconf configuration analysis and management library allows a attacker to cause a service failure or execute arbitrary code.

The vulnerability of the econfwriteFile function in the libeconf configuration analysis and management library is related to the issue of writing operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause service failures or execute arbitrary cod...

The vulnerability of Adobe Dimension’s 3D design software relates to operations that occur beyond buffer boundaries in memory, allowing attackers to gain unauthorized access to protected information.

The vulnerability of Adobe Dimension’s 3D design software relates to the execution of operations beyond the buffer boundaries in memory when processing GLB files. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by opening a specially create...

Vulnerability of the find_section_in_set() function in the GNU Binutils development environment: This function allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the findsectioninset function in the GNU Binutils development toolset, located in the readelf.c file, relates to the issue of operations going beyond the buffer boundaries when processing ELF files. Exploitation of this vulnerability could allow an attacker to execute arbitra...

ROS-20230915-11

A vulnerability in the Base plugin gst-plugins-base of the Gstreamer multimedia framework is related to a buffer overrun during the parsing and decoding of subtitles from SRT files. operation outside the memory buffer when parsing and decoding subtitles from SRT files. Exploitation exploitation o...

The vulnerability of the CLFS driver for Windows operating systems allows attackers to gain increased privileges.

The vulnerability of the CLFS driver in Windows operating systems is related to the issue where operations exceed the buffer boundaries in memory when processing BLF log files. Exploiting this vulnerability can allow attackers to gain increased privileges...

The vulnerability of the CLFS driver in Windows operating systems allows a hacker to gain unauthorized access to protected information and enhance their privileges.

The vulnerability of the CLFS driver in Windows operating systems is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information and increase their privileges...