4779 matches found
kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...
RHEL 9 : kernel-rt (RHSA-2022:7933)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:7933 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...
GSD-2022-1007034 regulator: core: Prevent integer underflow
regulator: core: Prevent integer underflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.75 by commit...
PT-2022-35289 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 5.15.75 Description: The issue is related to an integer underflow in the core regulator of the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel...
PT-2022-35021 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to 6.0.3 Description: The issue is related to an integer underflow in the Linux Kernel core regulator. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions...
kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()
An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...
Azure RTOS FileX 数字错误漏洞
Azure RTOS FileX is an open source FAT-compatible file system for Azure RTOS. A security vulnerability exists in Azure RTOS FileX versions prior to 6.2.0, which stems from fault-tolerance features including integer underflow and overflow, and can be exploited to implement a buffer overflow and...
CVE-2022-39343 Azure RTOS FileX vulnerable to Buffer Offerflow
Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a vali...
GLSA-202210-37 : PJSIP: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-37 PJSIP: Multiple Vulnerabilities - PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
AZL-35160 CVE-2022-3165 affecting package qemu for versions less than 6.2.0-18
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
DEBIAN-CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
Integer overflow
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
UBUNTU-CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
An integer underflow issue was found in the QEMU VNC server while processing ClientCutText messages in the extended format. A malicious client could use this flaw to make QEMU unresponsive by sending a specially crafted payload message, resulting in a denial of service...
CVE-2022-3165
CVE-2022-3165 is an integer underflow in the QEMU VNC server (vnc_client_cut_text_ext) when handling ClientCutText in the extended format. The flaw can cause QEMU to become unresponsive/CPU-exhausted (denial of service). Multiple connected advisories document affected QEMU versions and note that ...