Lucene search
K

137 matches found

Vulnrichment
Vulnrichment
added 2024/07/29 6:37 a.m.15 views

CVE-2024-41016 ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this...

6.7AI score0.00239EPSS
Exploits0References8
CVE
CVE
added 2024/07/29 6:37 a.m.143 views

CVE-2024-41016

CVE-2024-41016 affects the Linux kernel OCFS2 filesystem. The vulnerability arises from a missing bounds check before memcmp in ocfs2_xattr_find_entry(), which could allow an out-of-bounds read when processing crafted xattr data in non-indexed xattrs saved with extra space. The issue is tied to O...

5.5CVSS6.5AI score0.00239EPSS
Exploits0References11Affected Software1
Cvelist
Cvelist
added 2024/07/29 6:37 a.m.33 views

CVE-2024-41016 ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry()

In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this...

0.00239EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of strict boundary checking before memcmp in ocfs2xattrfindentry...

5.5CVSS6.6AI score0.00239EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/07/29 12:0 a.m.19 views

CVE-2024-41016

In the Linux kernel, the following vulnerability has been resolved: ocfs2: strict bound check before memcmp in ocfs2xattrfindentry xattr in ocfs2 maybe 'non-indexed', which saved with additional space requested. It's better to check if the memory is out of bound before memcmp, although this...

5.5CVSS6.4AI score0.00239EPSS
Exploits0References33
RedhatCVE
RedhatCVE
added 2024/05/22 10:20 a.m.16 views

CVE-2021-47394

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unlink table before deleting it syzbot reports following UAF: BUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955 nlastrcmp+0xf2/0x130 lib/nlattr.c:836 nfttablelookup.part.0+0x1a2/0x460...

7.1CVSS6.6AI score0.00233EPSS
Exploits0References4
CVE
CVE
added 2024/05/21 3:3 p.m.88 views

CVE-2021-47394

CVE-2021-47394 is a Linux kernel vulnerability in the netfilter nf_tables path: unlinking a table before deleting it could allow a use-after-free. SYZKABAN reports a UAF in memcmp/nlattr/nft_table_lookup paths, with read-accesses occurring on lockless GETs after synchronize_rcu. The documented ro...

7.8CVSS6.7AI score0.00233EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/05/21 3:3 p.m.21 views

CVE-2021-47394 netfilter: nf_tables: unlink table before deleting it

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: unlink table before deleting it syzbot reports following UAF: BUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955 nlastrcmp+0xf2/0x130 lib/nlattr.c:836 nfttablelookup.part.0+0x1a2/0x460...

6.9AI score0.00233EPSS
Exploits0References2
OSV
OSV
added 2024/02/08 5:15 p.m.10 views

CVE-2024-25190

l8w8jwt 2.2.1 uses memcmp which is not constant time to verify authentication, which makes it easier to bypass authentication via a timing side channel...

9.8CVSS7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.5 views

PT-2024-20806 · L8W8Jwt · L8W8Jwt

Name of the Vulnerable Software and Affected Versions: l8w8jwt version 2.2.1 Description: The issue arises from the use of memcmp to verify authentication, which is not constant time. This makes it easier to bypass authentication via a timing side channel. Recommendations: For l8w8jwt version...

9.8CVSS7.1AI score0.00899EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/02/08 12:0 a.m.5 views

l8w8jwt Security Breach

l8w8jwt is an open source, minimal, OpenSSL-free and ultra-lightweight JWT library written in C by Glitched Polygons GmbH. A security vulnerability exists in version 2.2.1 of l8w8jwt, which stems from the use of memcmp to authenticate, resulting in an authentication bypass vulnerability...

9.8CVSS7AI score0.00899EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2023/06/01 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-2004)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8.2AI score0.59501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/05/17 12:0 a.m.20 views

EulerOS 2.0 SP10 : shim (EulerOS-SA-2023-1984)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...

7.4CVSS8AI score0.59501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/05/10 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1853)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.4CVSS8.2AI score0.59501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/25 12:0 a.m.66 views

Oracle Linux 6 : openssl (ELSA-2023-12297)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12297 advisory. - Backport fixes for CVE-2023-0286 Orabug: 35212597 - Fix possible infinite loop in BNmodsqrt CVE-2022-0778Orabug: 33969800 - Backport fixes for CVE-2020-1971...

10CVSS8.1AI score0.99999EPSS
Exploits129References2
Tenable Nessus
Tenable Nessus
added 2023/04/14 12:0 a.m.39 views

FreeBSD : py-cryptography -- includes a vulnerable copy of OpenSSL (c1a8ed1c-2814-4260-82aa-9e37c83aac93)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the c1a8ed1c-2814-4260-82aa-9e37c83aac93 advisory. - There is a type confusion vulnerability relating to X.400 address processing inside an X.509...

7.4CVSS8AI score0.59501EPSS
Exploits0References3
Mageia
Mageia
added 2023/03/18 10:16 p.m.59 views

Updated heimdal packages fix security vulnerability

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to b...

7.5CVSS2.2AI score0.00491EPSS
Exploits0References4
Microsoft CVE
Microsoft CVE
added 2023/03/14 7:0 a.m.4 views

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches (and possibly other branches) a logic inversion sneaked in causing the validation of message integrity codes in gssapi/arcfour to be inverted.

...

7.5CVSS6.7AI score0.0369EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/03/08 4:1 a.m.5 views

SUSE CVE-2022-45142

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...

7.5CVSS6.6AI score0.00491EPSS
Exploits0References3
OSV
OSV
added 2023/03/06 11:15 p.m.2 views

ALPINE-CVE-2022-45142

The fix for CVE-2022-3437 included changing memcmp to be constant time and a workaround for a compiler bug by adding "!= 0" comparisons to the result of memcmp. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0 branches and possibly other branches a logic inversion sneaked...

7.5CVSS7AI score0.00491EPSS
Exploits0References1
Rows per page
Query Builder