CVE-2022-49564 crypto: qat - add param check for DH

In the Linux kernel, the following vulnerability has been resolved: crypto: qat - add param check for DH Reject requests with a source buffer that is bigger than the size of the key. This is to prevent a possible integer underflow that might happen when copying the source scatterlist into a linea...

CVE-2022-49208 RDMA/irdma: Prevent some integer underflows

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit warn: can subtract underflow 'info-dev-hmcfpmmisc.maxceqs'? It appears that...

CVE-2022-49208

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit warn: can subtract underflow 'info-dev-hmcfpmmisc.maxceqs'? It appears that...

CVE-2022-49208

CVE-2022-49208 : Linux kernel RDMA/irdma vulnerability where an integer underflow may occur in irdma_sc_ceq_init() when subtracting info->dev->hmc_fpm_misc.max_ceqs. This value may come from firmware (irdma_sc_parse_fpm_query_buf()) and could be zero, enabling a potential underflow. The iss...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from insufficient checking of the DH parameter, which could lead to an integer underflow...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient checking of RSA parameters, which could lead to an integer underflow...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible integer underflow in the irdmascceqinit function...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a possible integer underflow in the nldevstatsetcounterdynamicdoit function...

(Pwn2Own) Apple Safari B3 JIT Compiler Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the B3 JIT compiler...

CVE-2025-0727

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the...

CVE-2025-0728

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A possible workaroun...

CVE-2025-0728

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A possible workaroun...

CVE-2025-0728

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A possible workaroun...

CVE-2025-0727

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the...

CVE-2025-0727

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the...

CVE-2025-0727 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the...

CVE-2025-0727 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length in one packet smaller than the data request size of the...

CVE-2025-0727

The CVE-2025-0727 entry concerns Eclipse ThreadX NetX Duo NetX HTTP server that allows an attacker to trigger an integer underflow and DoS by sending crafted HTTP PUT requests with mismatched Content-Length. Affected: NetX Duo before version 6.4.2 (per CVE-0727); related follow-ups indicate an in...

CVE-2025-0728 Eclipse ThreadX NetX Duo HTTP server single PUT request integer underflow

In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before version 6.4.2, an attacker can cause an integer underflow and a subsequent denial of service by writing a very large file, by specially crafted packets with Content-Length smaller than the data request size. A possible workaroun...

CVE-2025-0728

The CVE-2025-0728 issue affects the NetX HTTP server in Eclipse ThreadX NetX Duo prior to version 6.4.2. A crafted network packet with Content-Length smaller than the data can trigger an integer underflow in the HTTP PUT path, leading to a denial of service. A workaround is to disable HTTP PUT su...