CLSA-2024-1718903513 cups: Fix of 2 CVEs

CVE-2023-32360: require authentication for CUPS-Get-Document. - CVE-2023-32324: fix cupsstrlcpy to exit immediately if a length of the source string is zero...

DEBIAN-CVE-2021-47606

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netemenqueue function which is caused when skb-len=0 and skb-datalen=0 in...

UBUNTU-CVE-2021-47606

In the Linux kernel, the following vulnerability has been resolved: net: netlink: afnetlink: Prevent empty skb by adding a check on len. Adding a check on len parameter to avoid empty skb. This prevents a division error in netemenqueue function which is caused when skb-len=0 and skb-datalen=0 in...

UBUNTU-CVE-2024-38605

In the Linux kernel, the following vulnerability has been resolved: ALSA: core: Fix NULL module pointer assignment at card init The commit 81033c6b584b "ALSA: core: Warn on empty module" introduced a WARNON for a NULL module pointer passed at sndcard object creation, and it also wraps the code...

SUSE CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

AZL-42471 CVE-2024-37407 affecting package libarchive for versions less than 3.7.1-2

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

CVE-2024-37407 affects the libarchive library (before 3.7.4). The vulnerability occurs when processing a ZIP archive that contains an empty-name file with mac-ext enabled, in slurp_central_directory of archive_read_support_format_zip.c, which can cause name out-of-bounds access. Affected versions...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

PT-2024-4147 · Unknown +1 · Libarchive +1

Name of the Vulnerable Software and Affected Versions: Libarchive versions prior to 3.7.4 Description: The issue is related to a buffer overflow vulnerability when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in the slurp central directory function in archive read...

CVE-2024-37407

Libarchive before 3.7.4 allows name out-of-bounds access when a ZIP archive has an empty-name file and mac-ext is enabled. This occurs in slurpcentraldirectory in archivereadsupportformatzip.c...

CVE-2024-36732

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.tensordot...

CVE-2024-22326 IBM System Storage improper authentication

IBM System Storage DS8900F 89.22.19.0, 89.30.68.0, 89.32.40.0, 89.33.48.0, 89.40.83.0, and 89.40.93.0 could allow a remote user to create an LDAP connection with a valid username and empty password to establish an anonymous connection. IBM X-Force ID: 279518...

CVE-2024-36743

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...

CVE-2024-36743

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...

CVE-2024-36743

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service DoS when an empty array is processed with oneflow.dot...

CLSA-2024-1717692967 libxml2: Fix of 2 CVEs

CVE-2023-29469: dict.c: fix non-deterministic hashing of empty dict strings - CVE-2023-28484: fix NULL pointer dereferences in xmlSchemaFixupComplexType and xmlSchemaCheckCOSSTDerivedOK...

CLSA-2024-1717691762 libxml2: Fix of 2 CVEs

CVE-2023-29469: dict.c: fix non-deterministic hashing of empty dict strings - CVE-2023-28484: fix NULL pointer dereferences in xmlSchemaFixupComplexType and xmlSchemaCheckCOSSTDerivedOK...