CVE-2024-36927 ipv4: Fix uninit-value access in __ip_make_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

[SECURITY] Fedora 35 Update: golang-github-google-wire-0.4.0-6.fc35

Wire is a code generation tool that automates connecting components using dependency injection. Dependencies between components are represented in Wire as function parameters, encouraging explicit initialization instead of global variables. Because Wire operates without runtime state or reflectio...

PT-2018-4637 · Bouncy Castle +3 · Bouncy Castle Jce Provider +3

Name of the Vulnerable Software and Affected Versions: Bouncy Castle JCE Provider versions 1.55 and earlier Description: The issue concerns the generation of weak private keys by the DSA key pair generator when used with default values. If the JCA key pair generator is not explicitly initialized...

openssl: record length handling integer underflow

Integer underflow in OpenSSL before 0.9.8x, 1.0.0 before 1.0.0j, and 1.0.1 before 1.0.1c, when TLS 1.1, TLS 1.2, or DTLS is used with CBC encryption, allows remote attackers to cause a denial of service buffer over-read or possibly have unspecified other impact via a crafted TLS packet that is no...