CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...

CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...

CVE-2022-48744

In CVE-2022-48744, the Linux kernel net/mlx5e driver was made resilient to field-bound checking by avoiding a field-overflowing memcpy() across neighboring fields. The root cause involved copying MLX5E_XDP_MIN_INLINE bytes into a 2-byte inline_hdr.start, causing writes to adjacent data (vlan_tci,...

CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...

CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...

CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...

CVE-2022-48732

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...

CVE-2022-48732

The CVE-2022-48732 issue affects the Linux kernel’s DRM Nouveau component, caused by an off-by-one error in BIOS boundary parsing of embedded init scripts. This bounds-checking flaw can reject access to the last byte, causing driver initialization to fail on Apple eMac systems with GeForce 2 MX G...

CVE-2022-48732

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...

DEBIAN-CVE-2024-38562

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request-channels can be used, request-nchannels must be set. Additionally, address calculations for memory after the "channels" array need to be...

CVE-2024-38562 wifi: nl80211: Avoid address calculations via out of bounds array indexing

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: Avoid address calculations via out of bounds array indexing Before request-channels can be used, request-nchannels must be set. Additionally, address calculations for memory after the "channels" array need to be...

PT-2024-8636 · Ivanti · Ivanti Secure Access Client

Name of the Vulnerable Software and Affected Versions: Ivanti Secure Access Client versions prior to 22.7R3 Description: The issue is related to improper bounds checking, which can be exploited by a local authenticated attacker with admin privileges to cause a denial of service. This is due to a...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking PTE write permissions...

CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

CVE-2024-36279

Reliance on obfuscation or encryption of security-relevant inputs without integrity checking issue exists in "FreeFrom - the nostr client" App versions prior to 1.3.5 for Android and iOS. If this vulnerability is exploited, the content of direct messages DMs between users may be manipulated by a...

CVE-2024-36279

CVE-2024-36279 concerns “FreeFrom - the nostr client” (Android/iOS) versions prior to 1.3.5. The issue is reliance on obfuscation or encryption of security‑relevant inputs without proper integrity checking, enabling a man‑in‑the‑middle to manipulate the content of Direct Messages (DMs). The vulne...

Huawei Cell Phone Security Breach

Huawei cell phones are smartphones from Huawei, a Chinese company. A security vulnerability exists in the Huawei phone that originates from an insufficient privilege checking vulnerability in the Star Flash module...

AEGON LIFE 1.0 Remote Code Execution

Exploit Title: Life Insurance Management System- Unauthenticated Remote Code Execution RCE Exploit Author: Aslam Anwar Mahimkar Date: 18-05-2024 Category: Web application Vendor Homepage: https://projectworlds.in/ Software Link: https://projectworlds.in/life-insurance-management-system-in-php/...

CVE-2024-32504

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 850, Exynos 1080, Exynos 2100, Exynos 1280, Exynos 1380, Exynos 1330, Exynos W920, Exynos W930. The mobile processor lacks proper length checking, which can result in an OOB Out-of-Bounds Write vulnerability...