4205 matches found

NVD
added 2024/12/06 10:15 a.m., 24 views

CVE-2024-53142

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

7.8 CVSS, 0.0002 EPSS
Exploits 0, References 11
OSV
added 2024/12/06 10:15 a.m., 0 views

AZL-54094 CVE-2024-53142 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

7.8 CVSS, 6.5 AI score, 0.0002 EPSS
Exploits 0, References 1
Cvelist
added 2024/12/06 9:37 a.m., 27 views

CVE-2024-53142 initramfs: avoid filename buffer overrun

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

0.0002 EPSS
Exploits 0, References 9
CVE
added 2024/12/06 9:37 a.m., 240 views

CVE-2024-53142

CVE-2024-53142: Linux kernel initramfs fix for filename buffer overrun. Root cause: during initramfs cpio extraction, the do_name() path passed a non-zero-terminated filename to kernel file operations, allowing trailing bytes from uninitialized memory to be incorporated into a created path. Impac...

7.8 CVSS, 6.9 AI score, 0.0002 EPSS
Exploits 0, References 11, Affected Software 1
Debian CVE
added 2024/12/06 9:37 a.m., 15 views

CVE-2024-53142

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

7.8 CVSS, 5.9 AI score, 0.0002 EPSS
Exploits 0
OSV
added 2024/12/06 9:37 a.m., 13 views

CVE-2024-53142 initramfs: avoid filename buffer overrun

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined in Documentation/driver-api/early-userspace/buffer-format.rst as: 37 cpiofile := ALGN4 + cpioheader + filename + "\0" + ALGN4 + data ... 55...

7.8 CVSS, 6.5 AI score, 0.0002 EPSS
Exploits 0, References 14
BDU FSTEC
added 2024/12/06 12:0 a.m., 1 views

The vulnerability of the V-Simulator 5 component of the monitoring software for Fuji Electric Tellus Lite V-Simulator allows an intruder to execute arbitrary code.

The vulnerability of the V-Simulator 5 component of the monitoring software for the Fuji Electric Tellus Lite V-Simulator relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially...

7.8 CVSS, 8 AI score, 0.00457 EPSS
Exploits 0, References 6, Affected Software 1
BDU FSTEC
added 2024/12/06 12:0 a.m., 1 views

The vulnerability of the sub_42EA38 function in Tenda RX9 and RX9 Pro microprogramming devices allows a hacker to induce a service failure.

The vulnerability of sub_42EA38 in the microprogramming software of Tenda RX9 and RX9 Pro relates to writing beyond buffer boundaries. Exploiting this vulnerability can allow a malicious actor to trigger a service failure by sending a specially crafted POST request...

9 CVSS, 7.9 AI score, 0.00402 EPSS
Exploits 0, References 2, Affected Software 2
BDU FSTEC
added 2024/12/05 12:0 a.m., 1 views

The vulnerability of the speakup component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the speakup component in the Linux operating system’s kernel is related to an operation that goes beyond the buffer boundaries in the getword function. Exploiting this vulnerability could allow an attacker to trigger a service failure...

5.3 CVSS, 6.6 AI score, 0.00181 EPSS
Exploits 0, References 44, Affected Software 5
BDU FSTEC
added 2024/12/05 12:0 a.m., 2 views

The vulnerability of the str_base64_encode_rfc2047() function in the Zabbix universal monitoring system allows an attacker to trigger a service failure.

The vulnerability of the str_base64_encode_rfc2047 function in the Zabbix universal monitoring system is related to the operation exceeding the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures...

4 CVSS, 5.6 AI score, 0.00131 EPSS
Exploits 0, References 9, Affected Software 3
BDU FSTEC
added 2024/12/05 12:0 a.m., 1 views

The vulnerability of the HMI interface configuration software Monitouch V-SFT lies in the possibility of operations going beyond the buffer boundaries in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the HMI interface configuration software Monitouch V-SFT lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code using specially created V9C files...

7.8 CVSS, 8 AI score, 0.00457 EPSS
Exploits 0, References 6, Affected Software 1
RedHat Linux
added 2024/12/04 12:56 a.m., 2 views

kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files

A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...

5.5 CVSS, 7.3 AI score, 0.00018 EPSS
Exploits 0, References 5
SUSE CVE
added 2024/12/03 12:16 a.m., 1 views

SUSE CVE-2024-53106

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init calls ima_eventdigest_init_common with HASH_ALGO__LAST which is then used to access the array hash_digest_size leading to buffer overrun. Have a conditional...

5.5 CVSS, 7.8 AI score, 0.0002 EPSS
Exploits 0, References 13
BDU FSTEC
added 2024/12/03 12:0 a.m., 1 views

The vulnerability of the drm_sched_entity_kill_jobs() function in the Linux operating system allows a hacker to compromise the confidentiality and accessibility of the protected information.

The vulnerability of the drm_sched_entity_kill_jobs function in the drivers/gpu/drm/scheduler/sched_entity.c file of the Linux operating system is related to memory writing beyond the bounds of the allocated buffer. Exploiting this vulnerability could allow a remote attacker to compromise the...

9.4 CVSS, 6.5 AI score, 0.00059 EPSS
Exploits 0, References 14, Affected Software 2
RedhatCVE
added 2024/12/02 3:26 p.m., 11 views

CVE-2024-53106

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init calls ima_eventdigest_init_common with HASH_ALGO__LAST which is then used to access the array hash_digest_size leading to buffer overrun. Have a conditional...

6.7 CVSS, 6.9 AI score, 0.0002 EPSS
Exploits 0, References 4
OSV
added 2024/12/02 2:15 p.m., 1 views

DEBIAN-CVE-2024-53106

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init calls ima_eventdigest_init_common with HASH_ALGO__LAST which is then used to access the array hash_digest_size leading to buffer overrun. Have a conditional...

7.8 CVSS, 6.2 AI score, 0.0002 EPSS
Exploits 0, References 1
OSV
added 2024/12/02 2:15 p.m., 0 views

UBUNTU-CVE-2024-53106

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init calls ima_eventdigest_init_common with HASH_ALGO__LAST which is then used to access the array hash_digest_size leading to buffer overrun. Have a conditional...

7.8 CVSS, 6.8 AI score, 0.0002 EPSS
Exploits 0, References 19
Cvelist
added 2024/12/02 1:44 p.m., 21 views

CVE-2024-53106 ima: fix buffer overrun in ima_eventdigest_init_common

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init calls ima_eventdigest_init_common with HASH_ALGO__LAST which is then used to access the array hash_digest_size leading to buffer overrun. Have a conditional...

0.0002 EPSS
Exploits 0, References 4
CVE
added 2024/12/02 1:44 p.m., 124 views

CVE-2024-53106

CVE-2024-53106 concerns the Linux kernel ima subsystem: a buffer overrun in ima_eventdigest_init_common triggered by HASH_ALGO__LAST indexing hash_digest_size[]. Root cause is inadequate handling of HASH_ALGO__LAST; a conditional prevents the overread. A fix is included in kernel updates (commit ...

7.8 CVSS, 6.6 AI score, 0.0002 EPSS
Exploits 0, References 5, Affected Software 1
OSV
added 2024/12/02 1:44 p.m., 4 views

CVE-2024-53106 ima: fix buffer overrun in ima_eventdigest_init_common

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init calls ima_eventdigest_init_common with HASH_ALGO__LAST which is then used to access the array hash_digest_size leading to buffer overrun. Have a conditional...

7.8 CVSS, 6.5 AI score, 0.0002 EPSS
Exploits 0, References 8