UBUNTU-CVE-2024-53193

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2clkprovider Some heap space is allocated for the flexible structure struct clkhwonecelldata and its flexible-array member hws through the composite structure struct...

UBUNTU-CVE-2024-56539

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexconfigscan Replace one-element array with a flexible-array member in struct mwifiexietypeswildcardssidparams to fix the following warning on a MT8173 Chromebook...

CVE-2024-56539

CVE-2024-56539 refers to a Linux kernel issue where mwifiex memcpy() would write across a field due to a one-element array, triggering a field-spanning write warning in mwifiex_config_scan(). The fix replaces the one-element array with a flexible-array member in struct mwifiex_ie_types_wildcard_s...

CVE-2024-53193 clk: clk-loongson2: Fix memory corruption bug in struct loongson2_clk_provider

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2clkprovider Some heap space is allocated for the flexible structure struct clkhwonecelldata and its flexible-array member hws through the composite structure struct...

CVE-2024-53192 clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access Flexible-array member hws in struct clkhwonecelldata is annotated with the countedby attribute. This means that when memory is allocated for this...

CVE-2024-53192 clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access Flexible-array member hws in struct clkhwonecelldata is annotated with the countedby attribute. This means that when memory is allocated for this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential buffer overflow issue during flexible array access in the clk:clk-loongson2 module...

SUSE CVE-2024-50008

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexcmd80211scanext Replace one-element array with a flexible-array member in struct hostcmdds80211scanext. With this, fix the following warning: elo 16 17:51:58...

AZL-52287 CVE-2024-50008 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexcmd80211scanext Replace one-element array with a flexible-array member in struct hostcmdds80211scanext. With this, fix the following warning: elo 16 17:51:58...

DEBIAN-CVE-2024-50008

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexcmd80211scanext Replace one-element array with a flexible-array member in struct hostcmdds80211scanext. With this, fix the following warning: elo 16 17:51:58...

PT-2024-33847

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: A vulnerability in the Linux kernel has been fixed, involving the mwifiex WiFi driver. The issue was a memcpy field-spanning write warning in the mwifiex cmd 802 11 scan ext function. This...

CVE-2024-39482

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...

CVE-2024-39482

CVE-2024-39482 relates to the Linux kernel bug in bcache: it abused a fixed-length array in btree_iter when used with dynamically-sized iterators, triggering UBSAN. The fix introduces a flexible array member in btree_iter and a separate btree_iter_stack that embeds a btree_iter plus a data array,...

The vulnerability of the vmm-sys-util module, related to writing beyond buffer boundaries, allows an attacker to cause a service failure or exert other effects.

The vulnerability of the vmm-sys-util module set is related to the lack of checks to ensure that the length stored in the header corresponds to the actual length of the flexible array. Exploiting this vulnerability could allow a remote attacker to cause service failures or exert other adverse...

ROS-20240410-10

Vulnerability of vmm-sys-util module set is related to the lack of checking if the length, stored in the header matches the length of the flexible array. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service...

CVE-2023-50711 `serde` deserialization for `FamStructWrapper` lacks bound checks that could potentially lead to out-of-bounds memory access

vmm-sys-util is a collection of modules that provides helpers and utilities used by multiple rust-vmm components. Starting in version 0.5.0 and prior to version 0.12.0, an issue in the FamStructWrapper::deserialize implementation provided by the crate for vmmsysutil::fam::FamStructWrapper can lea...

PT-2023-34926 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.11 Description: The issue is related to the use of a flexible array for memcpy destination, which may potentially lead to security vulnerabilities. The actual impact and attack plausibility have not yet bee...