CVE-2024-46728

CVE-2024-46728 affects the Linux kernel (drm/amd/display) where there is a fix for using aux_rd_interval: the value of aux_rd_interval (size 7) must be checked before use. The connected Azure/Linux Nessus entries confirm the advisory references this vulnerability and describe the fix as preventin...

CVE-2024-46728 drm/amd/display: Check index for aux_rd_interval before using

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for auxrdinterval before using auxrdinterval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGEROVERFLOW issues reported by Coverity...

CVE-2024-46728 drm/amd/display: Check index for aux_rd_interval before using

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for auxrdinterval before using auxrdinterval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGEROVERFLOW issues reported by Coverity...

CVE-2024-46726 drm/amd/display: Ensure index calculation will not overflow

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure index calculation will not overflow WHY & HOW Make sure vmid0p72idx, vnom0p8idx and vmax0p9idx calculation will never overflow and exceess array size. This fixes 3 OVERRUN and 1 INTEGEROVERFLOW issues...

Shim: interger overflow leads to heap buffer overflow in verify_sbat_section on 32-bits systems

...

CVE-2024-40994

A vulnerability was found in the Linux kernel's ptp subsystem in ptpsysfs.c file, where the maxvclocksstore function can cause an integer overflow on 32-bit systems. This issue occurs during a multiplication operation, potentially leading to incorrect memory allocation, resulting in memory...

Medium: kernel

Issue Overview: dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount. CVE-2023-52429 In the Linux kernel, the following vulnerability has been...

SUSE CVE-2005-1513

Integer overflow in the strallocreadyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request...

SUSE CVE-2013-7353

Integer overflow in the pngsetunknownchunks function in libpng/pngset.c in libpng before 1.5.14beta08 allows context-dependent attackers to cause a denial of service segmentation fault and crash via a crafted image, which triggers a heap-based buffer overflow...

SUSE CVE-2017-9184

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:314:7...

SUSE CVE-2017-12100

An exploitable integer overflow exists in the 'multiresloadolddm' functionality of the Blender open-source 3d creation suite v2.78c. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the application...

SUSE CVE-2019-11039

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

httpd: Out-of-bounds read in ap_strcmp_match()

An out-of-bounds read vulnerability was found in httpd. A very large input to the apstrcmpmatch function can lead to an integer overflow and result in an out-of-bounds read...

Pixman 输入验证错误漏洞

Pixman is an open source and software library written in C for pixel manipulation that provides image compositing, image rasterization, and other functions. A security vulnerability exists in Pixman libpixman prior to version 0.42.2, which stems from an integer overflow in pixmansamplefloory and ...

mariadb: Integer overflow in sql_lex.cc integer leading to crash

An integer overflow vulnerability was found in MariaDB, where an invalid size of refpointerarray is allocated. This issue results in a denial of service...

DEBIAN-CVE-2021-38090

Integer Overflow vulnerability in function filter16roberts in libavfilter/vfconvolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts...

CentOS 8 : redis:6 (CESA-2021:2034)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2034 advisory. - redis: Integer overflow via STRALGO LCS command CVE-2021-29477 Note that Nessus has not tested for this issue but has instead relied only on the application's...

GHSA-6J9C-GRC6-5M6G CHECK-fail in SparseConcat

Impact An attacker can trigger a denial of service via a CHECK-fail in tf.rawops.SparseConcat: python import tensorflow as tf import numpy as np indices1 = tf.constant514, 514, 514, 514, dtype=tf.int64 indices2 = tf.constant514, 530, 599, 877, dtype=tf.int64 indices = indices1, indices2 values1 =...

OpenJDK: Integer overflow in bounds check in SunGraphics2D (2D, 8225292)

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...

UBUNTU-CVE-2019-9959

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo...