13 matches found
kernel: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds Set the size to 6 instead of 2, since 'para' array is passed to 'rtwfwbtwificontrolrtwdev, para0, ¶1', which reads 5 bytes: void rtwfwbtwificontrolstruct...
DEBIAN-CVE-2025-49601
In MbedTLS 3.3.0 before 3.6.4, mbedtlslmsimportpublickey does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtlslmsimportpublickey allows context-dependent...
kernel: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...
CVE-2024-46729 drm/amd/display: Fix incorrect size calculation for loop
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop WHY feclken has size of 5 but sizeoffeclken has byte size 20 which is lager than the array size. HOW Divide byte size 20 by its element size. This fixes 2 OVERRUN issues...
UBUNTU-CVE-2021-47497
In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound UBSAN with byte size cells If a cell has 'nbits' equal to a multiple of BITSPERBYTE the logic p &= GENMASKcell-nbits%BITSPERBYTE - 1, 0; will become undefined behavior because nbits modulo BITSPERBYT...
CVE-2022-23582
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a SavedModel such that TensorByteSize would trigger CHECK failures. TensorShape constructor throws a CHECK-fail if shape is partial or has a number of elements that would overflow t...
GSD-2021-1002084 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
UVI-2021-1002084 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.14 by commit...
UVI-2021-1001975 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.213 by commit...
UVI-2021-1001932 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.288 by commit...
UVI-2021-1001914 nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells
nvmem: Fix shift-out-of-bound UBSAN with byte size cells This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.4.290 by commit...
bsd/x86 - portbind port 31337 83 bytes
bsd/x86 portbind port 31337 83 bytes. Shellcode exploit for bsdx86 platform / portbinding execve shellcode port 31337 bsd/x86 83b - no1 greyhats.za.net / char shellc0de= "\x99" // cdq "\x52" // pushl %edx "\x6a\x01" // pushl $0x01 "\x6a\x02" // pushl $0x02 "\xb0\x61" // movb $0x61,%al "\x50" //...
linux/x86 bsd/x86 execve /bin/sh 38 bytes
No description provided by source. / Linux/x86 and Bsd/x86 execve of /bin/sh by dymitri!!! / include stdio.h char code = "\x31\xc0" "\x50" "\x68\x2f\x2f\x73\x68" "\x68\x2f\x62\x69\x6e" "\x89\xe3" "\x50" "\x54" "\x53" "\x50" "\x8c\xe0" "\x21\xc0" "\x74\x04" "\xb0\x3b" "\xeb\x07" / si es bsd saltam...