Lucene search
+L

235 matches found

UbuntuCve
UbuntuCve
added 2024/04/13 12:15 p.m.28 views

CVE-2024-26817

In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...

5.5CVSS6.4AI score0.00754EPSS
Exploits0References28
OSV
OSV
added 2024/04/13 12:15 p.m.3 views

UBUNTU-CVE-2024-26817

In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...

5.5CVSS6.3AI score0.00754EPSS
Exploits0References29
CVE
CVE
added 2024/04/13 11:17 a.m.6491 views

CVE-2024-26817

CVE-2024-26817 affects the Linux kernel amdkfd component. The vulnerability arises from using kzalloc with a multiplication that can overflow; the fix replaces kzalloc with calloc to avoid integer overflow. Descriptions in connected Nessus advisories (Unity Linux UTSA advisories) reiterate the sa...

5.5CVSS6.2AI score0.00754EPSS
Exploits0References11Affected Software1
Debian CVE
Debian CVE
added 2024/04/13 11:17 a.m.32 views

CVE-2024-26817

In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...

5.5CVSS7.5AI score0.00754EPSS
Exploits0
Cvelist
Cvelist
added 2024/04/13 11:17 a.m.33 views

CVE-2024-26817 amdkfd: use calloc instead of kzalloc to avoid integer overflow

In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow...

7.6AI score0.00754EPSS
Exploits0References8
Rosalinux
Rosalinux
added 2024/02/06 7:40 a.m.38 views

Advisory ROSA-SA-2024-2336

software: hiredis 0.13.3 AXIS: ROSA-CHROME packageevrstring: hiredis-0.13.3-2.src.rpm CVE-ID: CVE-2021-32765 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: In vulnerable versions, Hiredis is vulnerable to integer overflow if provided with maliciously crafted or corrupted RESP mult-bulk protocol data. Whe...

8.8CVSS8.9AI score0.02045EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2024/01/10 1:28 p.m.5 views

libarchive: NULL pointer dereference in archive_write.c

A flaw was found in libarchive. A missing check of the return value of the calloc function can cause a NULL pointer dereference in an out-of-memory condition or when a memory allocation limit is reached, resulting in the program linked with libarchive to crash...

9.8CVSS7.1AI score0.01936EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/01/10 12:0 a.m.32 views

RHEL 8 : libarchive (RHSA-2024:0146)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0146 advisory. The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM...

9.8CVSS7.2AI score0.01936EPSS
Exploits0References5
Talos
Talos
added 2024/01/08 12:0 a.m.36 views

GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability

Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...

7.8CVSS7.8AI score0.00432EPSS
Exploits1
Talos
Talos
added 2024/01/08 12:0 a.m.26 views

GTKWave VZT vzt_rd_block_vch_decode dict parsing integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1815 GTKWave VZT vztrdblockvchdecode dict parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38653,CVE-2023-38652 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode dict parsing functionality of...

7.8CVSS7.8AI score0.00364EPSS
Exploits2
Talos
Talos
added 2024/01/08 12:0 a.m.24 views

GTKWave VZT vzt_rd_block_vch_decode times parsing integer overflow vulnerabilities

Talos Vulnerability Report TALOS-2023-1814 GTKWave VZT vztrdblockvchdecode times parsing integer overflow vulnerabilities January 8, 2024 CVE Number CVE-2023-38651,CVE-2023-38650 SUMMARY Multiple integer overflow vulnerabilities exist in the VZT vztrdblockvchdecode times parsing functionality of...

7.8CVSS7.6AI score0.00375EPSS
Exploits2
Amazon
Amazon
added 2023/12/04 12:0 a.m.9 views

Low: libarchive

Issue Overview: In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference or, in some cases, even arbitrary code execution. CVE-2022-36227 Affected...

9.8CVSS7.8AI score0.01936EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/14 3:46 p.m.4 views

kernel: dm flakey: don't corrupt the zero page

A flaw was found in the Linux kernel's dm-flakey device mapper target. When the corrupt bio writes option is enabled, dm-flakey can corrupt the kernel's global zero page. Since the zero page is shared system-wide and used by glibc's calloc implementation via mmap, corrupting it causes userspace...

5.8AI score0.00188EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.3 views

kernel: dm flakey: don't corrupt the zero page

A flaw was found in the Linux kernel's dm-flakey device mapper target. When the corrupt bio writes option is enabled, dm-flakey can corrupt the kernel's global zero page. Since the zero page is shared system-wide and used by glibc's calloc implementation via mmap, corrupting it causes userspace...

5.8AI score0.00188EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2023/10/05 12:0 a.m.25 views

Amazon Linux 2 : libarchive (ALAS-2023-2279)

The version of libarchive installed on the remote host is prior to 3.1.2-14. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2279 advisory. In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer...

9.8CVSS7.7AI score0.01936EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/29 12:0 a.m.14 views

GLSA-202309-14 : libarchive: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202309-14 libarchive: Multiple Vulnerabilities - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a...

9.8CVSS7.3AI score0.01936EPSS
Exploits0References4
Amazon
Amazon
added 2023/07/19 12:0 a.m.6 views

Low: libarchive

Issue Overview: In libarchive 3.6.1, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference or, in some cases, even arbitrary code execution. CVE-2022-36227 Affected...

9.8CVSS8.3AI score0.01936EPSS
Exploits0
Veracode
Veracode
added 2023/07/10 10:4 a.m.27 views

Integer Overflow

klibc is vulnerable to Integer Overflow. The vulnerability occurs due to the multiplication in the calloc function in klibc which could result in heap-based buffer overflow...

9.8CVSS6.9AI score0.02059EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/08 12:0 a.m.23 views

EulerOS 2.0 SP5 : libarchive (EulerOS-SA-2023-2154)

According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...

9.8CVSS7.2AI score0.01936EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/06/07 12:0 a.m.22 views

EulerOS Virtualization 2.11.0 : libarchive (EulerOS-SA-2023-2097)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL...

9.8CVSS7.1AI score0.01936EPSS
Exploits0References2
Rows per page
Query Builder