1923 matches found
SUSE CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
DEBIAN-CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
UBUNTU-CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
CVE-2022-48806 eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2CSMBUSBLOCKMAX Commit effa453168a7 "i2c: i801: Don't silently correct invalid transfer size" revealed that ee1004eepromread did not properly limit how many bytes to read at once. In particular...
SUSE CVE-2024-40917
In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...
SUSE CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
How to Find Maximum Size of IP Data Payload that can Traverse WAN Environment Without Fragmentation
Citrix SD-WAN, formerly NetScaler SD-WAN This article describes how to find out the maximum size of IP data payload that can traverse a WAN environment without fragmentation. Background The CloudBridge acceleration parameters are sent through TCP options, which use the space in the IP data payloa...
UBUNTU-CVE-2024-39917
xrdp is an open source RDP server. xrdp versions prior to 0.10.0 have a vulnerability that allows attackers to make an infinite number of login attempts. The number of max login attempts is supposed to be limited by a configuration parameter MaxLoginRetry in /etc/xrdp/sesman.ini. However, this...
SUSE-SU-2024:2463-1 Security update for squashfs
This update for squashfs fixes the following issues: - CVE-2015-4645,CVE-2015-4646: Multiple buffer overflows fixed in squashfs-tools bsc935380 - CVE-2021-40153: Fixed an issue where an attacker might have been able to write a file outside of destination bsc1189936 - CVE-2021-41072: Fixed an issu...
DEBIAN-CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
DEBIAN-CVE-2024-40917
In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...
CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
UBUNTU-CVE-2024-40917
In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...
UBUNTU-CVE-2024-40990
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Add check for srq maxsge attribute maxsge attribute is passed by the user, and is inserted and used unchecked, so verify that the value doesn't exceed maximum allowed value before using it...
CVE-2024-40990
The CVE-2024-40990 issue is a Linux kernel vulnerability in RDMA/mlx5 where the srq max_sge attribute, supplied by users, was inserted/used without proper bounds checks. The fix adds verification against the maximum allowed value before use, addressing potential overflow/abuse locally. Applicable...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the memblock component failing to properly warn about the use of MAXNUMNODES when setting up nodes...
xrdp security vulnerability
xrdp is an open source remote desktop protocol server from neutrinolabs open source. A security vulnerability exists in xrdp versions prior to 0.10.0 that stems from an invalid limit on the configuration parameter for the maximum number of login attempts, allowing an attacker to make unlimited...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the RDMA/mlx5 component failing to check if the value of the maxsge attribute of an SRQ exceeds the maximum...
PT-2024-29801 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue arises from a change in how the maximum segment size is handled, specifically in the sdhci component. The function blk queue max segment size ensures that the maximum size is...
VMSA-2024-0017: VMware Aria Automation updates address SQL-injection vulnerability (CVE-2024-22280)
Advisory ID: | VMSA-2024-0017 ---|--- Advisory Severity: | Important CVSSv3 Range: | 8.5 Synopsis: | VMware Aria Automation updates address SQL-injection vulnerability CVE-2024-22280 Issue date: | 2024-07-10 Updated on: | 2024-07-10 CVEs | CVE-2024-22280 1. Impacted Products VMware Aria Automatio...