CVE-2024-56539

CVE-2024-56539 refers to a Linux kernel issue where mwifiex memcpy() would write across a field due to a one-element array, triggering a field-spanning write warning in mwifiex_config_scan(). The fix replaces the one-element array with a flexible-array member in struct mwifiex_ie_types_wildcard_s...

CVE-2024-56539

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexconfigscan Replace one-element array with a flexible-array member in struct mwifiexietypeswildcardssidparams to fix the following warning on a MT8173 Chromebook...

CVE-2024-56539 wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexconfigscan Replace one-element array with a flexible-array member in struct mwifiexietypeswildcardssidparams to fix the following warning on a MT8173 Chromebook...

DEBIAN-CVE-2024-47613

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...

DEBIAN-CVE-2024-47596

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in the qtdemuxparsesvq3stsddata function within qtdemux.c. In the FOURCCSMI case, seqhsize is read from the input file without proper validation. If seqhsize is greater than the remaining...

UBUNTU-CVE-2024-47613

GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been identified in gstgdkpixbufdecflush within gstgdkpixbufdec.c. This function invokes memcpy, using outpix as the destination address. outpix is expected to point to the fra...

kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver prints this WARNING message: memcpy: detected field-spanning write size 128 of single field...

kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver prints this WARNING message: memcpy: detected field-spanning write size 128 of single field...

kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver prints this WARNING message: memcpy: detected field-spanning write size 128 of single field...

kernel: VMCI: Fix memcpy() run-time warning in dg_dispatch_as_host()

In the Linux kernel, the following vulnerability has been resolved: VMCI: Fix memcpy run-time warning in dgdispatchashost The Linux kernel CVE team has assigned CVE-2024-35944 to this issue. Upstream advisory: https://lore.kernel.org/linux-cve-announce/2024051920-CVE-2024-35944-a860@gregkh/T...

kernel: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Avoid memcpy field-spanning write WARNING When the "storcli2 show" command is executed for eHBA-9600, mpi3mr driver prints this WARNING message: memcpy: detected field-spanning write size 128 of single field...

CVE-2024-50008

...

SUSE CVE-2024-50134

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

DEBIAN-CVE-2024-50134

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

AZL-52432 CVE-2024-50134 affecting package kernel for versions less than 5.15.173.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

UBUNTU-CVE-2024-50134

In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...

CVE-2024-50134

CVE-2024-50134 affects the Linux kernel driver drm/vboxvideo (vbva_mouse_pointer_shape). The issue stems from a fake VLA at the end of vbva_mouse_pointer_shape triggering a field-spanning memcpy write in hgsmi_base.c:154. The patch replaces the fake VLA with a real VLA to fix the warning and pote...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the drm/vboxvideo module, where the use of a fake variable-length array VLA in place of a real...

CVE-2024-40493

Null Pointer Dereference in coapclientexchangeblockwise2 function in Keith Cullen FreeCoAP 1.0 allows remote attackers to cause a denial of service and potentially execute arbitrary code via a specially crafted CoAP packet that causes coapmsggetpayloadresp to return a null pointer, which is then...

CVE-2024-49869

In the Linux kernel, the following vulnerability has been resolved: btrfs: send: fix buffer overflow detection when copying path to cache entry Starting with commit c0247d289e73 "btrfs: send: annotate struct namecacheentry with countedby" we annotated the variable length array "name" from the...