5 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: added a sentinel to xehpoabcounters Arrays passed to reginrangetable should end with an empty record. The patch fixes a bug detected by KASAN with the following signature: BUG: KASAN: global-out-of-bounds in...
SUSE CVE-2023-53646
In the Linux kernel, the following vulnerability has been resolved: drm/i915/perf: add sentinel to xehpoabcounters Arrays passed to reginrangetable should end with empty record. The patch solves KASAN detected bug with signature: BUG: KASAN: global-out-of-bounds in...
CVE-2023-52767
In the Linux kernel, the following vulnerability has been resolved: tls: fix NULL deref on tlsswspliceeof with empty record syzkaller discovered that if tlsswspliceeof is executed as part of sendfile when the plaintext/ciphertext skmsg are empty, the send path gets confused because the empty...
Internet Bug Bounty: SSL_peek() hang on empty record (CVE-2016-6305)
As described here: https://www.openssl.org/news/secadv/20160922.txt...
OpenSSL SSL_peek() Denial of Service Vulnerability
OpenSSL is an open source implementation of SSL used to enable strong encryption of network communications and is now widely used in a variety of web applications. OpenSSL 1.1.0 SSL/TLS hangs after receiving an empty record during an SSLpeek call, which can be exploited by malicious users to...