1906 matches found
CVE-2024-42242 mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix maxsegsize for 64KiB PAGESIZE blkqueuemaxsegmentsize ensured: if maxsize maxsegmentsize PAGESIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
SUSE CVE-2024-42131
In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGESIZE units fit into 32-bit so that various multiplications fit into 64-bits. If limits end up bein...
SUSE CVE-2024-42148
In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings that occur when using a system with 32 physical cpu cores or more, or when the user defines a number of Ethernet queues greater than or equal to FPSBMAXE1x...
CVE-2024-42092
In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata-gpiounbanked is taken from Device Tree. In case of broken DT due to any error this value can be any. Without this value validation there can be out of chips-irqs...
SUSE CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
DEBIAN-CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
UBUNTU-CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
CVE-2022-48806 eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...
SUSE CVE-2024-40917
In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...
SUSE CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
How to Find Maximum Size of IP Data Payload that can Traverse WAN Environment Without Fragmentation
Citrix SD-WAN, formerly NetScaler SD-WAN This article describes how to find out the maximum size of IP data payload that can traverse a WAN environment without fragmentation. Background The CloudBridge acceleration parameters are sent through TCP options, which use the space in the IP data payloa...
UBUNTU-CVE-2024-39917
xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...
SUSE-SU-2024:2463-1 Security update for squashfs
This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...
DEBIAN-CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
DEBIAN-CVE-2024-40917
In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...
UBUNTU-CVE-2024-40917
In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...
UBUNTU-CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
CVE-2024-40990
The CVE-2024-40990 issue is a Linux kernel vulnerability in RDMA/mlx5 where the srq max_sge attribute, supplied by users, was inserted/used without proper bounds checks. The fix adds verification against the maximum allowed value before use, addressing potential overflow/abuse locally. Applicable...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/mlx5 component failing to check if the value of the maxsge attribute of an SRQ exceeds the maximum...