Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: spmi: In the tracing functions, there was an issue where access to memory was out of bounds. This issue was fixed by using a length of “len” instead of “len + 1”. The functions tracespmiwritebegin and tracespmireadend both use...

EUVD-2022-55360

Malicious code in bioql PyPI...

ConnMan 安全漏洞

ConnMan is an Aldebaran open source connection manager. A security vulnerability exists in ConnMan 1.44 and earlier versions, which stems from a memcpy length dependency on the RR RDLENGTH value...

CVE-2025-32366

In ConnMan through 1.44, parserr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohsrr-rdlen and memcpyresponse+offset,end,rdlen without a check for whether the sum of end and rdlen exceeds max. Consequently, rdlen may be larger than the amount of remaining...

SUSE CVE-2024-46853

In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes data to NOR chip. dd...

CVE-2024-46853

In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes data to NOR chip. dd...

DEBIAN-CVE-2024-46853

In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes data to NOR chip. dd...

CVE-2024-46853

In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy length to fix the out-of-bounds issue when writing the data that is not 4 byte aligned to TX FIFO. To reproduce the issue, write 3 bytes data to NOR chip. dd...

DEBIAN-CVE-2021-47347

In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251cmdscan Function wl1251cmdscan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size...

CVE-2023-4232 Ofono: sms decoder stack-based buffer overflow remote code execution vulnerability within the decode_status_report() function

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

CVE-2023-4232

A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decodestatusreport function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound...

kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-488)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-488 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disable sending iouring over sockets CVE-2023-52654 In the Linux kernel, the following vulnerability has been...

SUSE CVE-2024-0565

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

UBUNTU-CVE-2024-0565

An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...

PT-2023-8385 · Linux +9 · Linux Kernel +9

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: An out-of-bounds memory read flaw was found in the receive encrypted standard function in the SMB Client sub-component of the Linux Kernel. This issue occurs due to integer underflow o...

kernel: vmwgfx: out-of-bounds write in vmw_kms_cursor_snoop

An out-of-bounds memory write vulnerability was found in the Linux kernel's vmwgfx driver in vmwkmscursorsnoop due to a missing check of a memcpy length. This flaw allows a local, unprivileged attacker with access to either the /dev/dri/card0 or /dev/dri/rendererD128 and able to issue an ioctl on...

SUSE CVE-2017-6009

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decodeneresourceid" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a fail...

CVE-2022-36280

An out-of-bounds memory write vulnerability was found in the Linux kernel's vmwgfx driver in vmwkmscursorsnoop due to a missing check of a memcpy length. This flaw allows a local, unprivileged attacker with access to either the /dev/dri/card0 or /dev/dri/rendererD128 and able to issue an ioctl on...

DEBIAN-CVE-2021-44493

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...