PT-2024-7671 · Cypress · Cypress Bluetooth Sdk

Name of the Vulnerable Software and Affected Versions: Cypress Bluetooth SDK version 3.66 Description: The issue is related to a buffer overflow in the memory when handling the data header length field of the LL Pause Enc Req, which is part of the Bluetooth Low Energy BLE technology. This can be...

PT-2024-31824 · Bandisoft · Bandiview

Name of the Vulnerable Software and Affected Versions: Bandisoft BandiView version 7.05 Description: The issue is a buffer overflow vulnerability that occurs due to insufficient validation of PSD files. This happens through the sub 0x410d1d function. Recommendations: For Bandisoft BandiView versi...

ALSA-2024:4583 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: TIPC message reassembly use-after-free remote code execution vulnerability CVE-2024-36886 kernel: ethernet: hisilicon: hns: hnsdsafmisc: fix a possible array overflow in hnsdsafgesrstbypo...

kernel: net/sched: cbs NULL pointer dereference when offloading is enabled

A NULL pointer dereference flaw was found in the Linux kernel's network scheduler. This issue occurs when offloading is enabled, the cbs instance is not added to the list. The code also incorrectly handles the case when offload is disabled without removing the qdisc. This could allow a local user...