152 matches found
CVE-2023-25139
sprintf in the GNU C Library glibc 2.37 has a buffer overflow out-of-bounds write in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a...
GSD-2023-1001597 serial: amba-pl011: avoid SBSA UART accessing DMACR register
serial: amba-pl011: avoid SBSA UART accessing DMACR register This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...
GSD-2023-1001591 cxl: fix possible null-ptr-deref in cxl_pci_init_afu|adapter()
cxl: fix possible null-ptr-deref in cxlpciinitafu|adapter This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.337 by commit...
GSD-2023-1001298 mm, compaction: fix fast_isolate_around() to stay within boundaries
mm, compaction: fix fastisolatearound to stay within boundaries This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001154 NFSv4: Fix a credential leak in _nfs4_discover_trunking()
NFSv4: Fix a credential leak in nfs4discovertrunking This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
PT-2023-33369 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: The issue concerns the protection of tpm pm suspend with locks. It was introduced in version v5.1 and fixed in Linux Kernel version v5.4.226. The actual impact and attack plausibility have...
PT-2023-33280 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: The issue concerns a use-after-free in the ip6 fragment function. This problem was introduced in version v4.13 and is fixed in Linux Kernel version v5.10.159. The actual impact and attack...
PT-2023-33285 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.159 Description: A potential use-after-free issue exists in the hisi femac rx function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version v4.8 and is...
PT-2023-33465 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.19 Description: The issue is related to the drm/i915/gvt component in the Linux Kernel. It was introduced in version v4.16 and fixed in version v6.0.19. The actual impact and attack plausibility have not ye...
PT-2023-33337 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue concerns a handle size overflow for ringbuf mmap. It was introduced in version v5.8 and fixed in Linux Kernel version v5.10.158. The actual impact and attack plausibility have no...
PT-2023-33396 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.269 Description: The issue is related to a potential security vulnerability in the xen-netfront component. It was introduced in version v2.6.24 and fixed in version v4.19.269. The actual impact and attack...
PT-2023-33379 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.226 Description: The issue is related to a use-after-free in the tun detach function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v4.17 and fixed in Linu...
K55879220: Overview of F5 vulnerabilities (May 2022)
Security Advisory Description On May 4, 2022, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associated...
GSD-2022-1008061 bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()
bpf, testrun: Fix alignment problem in bpfprogtestrunskb This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...
GSD-2022-1008037 tracing: Fix wild-memory-access in register_synth_event()
tracing: Fix wild-memory-access in registersynthevent This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.156 by commit...
GSD-2022-1007936 nilfs2: fix deadlock in nilfs_count_free_blocks()
nilfs2: fix deadlock in nilfscountfreeblocks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.79 by commit...
GSD-2022-1007900 net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()
net: microchip: sparx5: Fix potential null-ptr-deref in sparxstatsinit and sparx5start This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.80 ...
PT-2022-36366 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.154 Description: A potential security issue has been identified in the Linux Kernel, introduced in version v2.6.39. The actual impact and attack plausibility have not yet been proven. Recommendations: For...
PT-2022-36253 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.78 Description: A potential security issue has been identified in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. The issue was introduced in version v2.6.39 and is...
PT-2022-36395 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.225 Description: The issue concerns an invalid length check when fetching device IDs. This problem was introduced in version v5.3 and is fixed in Linux Kernel version v5.4.225. The actual impact and attack...