CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...

CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...

CVE-2022-48744

In CVE-2022-48744, the Linux kernel net/mlx5e driver was made resilient to field-bound checking by avoiding a field-overflowing memcpy() across neighboring fields. The root cause involved copying MLX5E_XDP_MIN_INLINE bytes into a 2-byte inline_hdr.start, causing writes to adjacent data (vlan_tci,...

CVE-2022-48744

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...

CVE-2022-48739 ASoC: hdmi-codec: Fix OOB memory accesses

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48739

CVE-2022-48739 affects the Linux kernel ASoC hdmi-codec subsystem. The vulnerability arises from out-of-bounds memory accesses during memcpy(), caused by an incorrect size for the iec_status array. The fix aligns the size of iec_status with the status array of struct snd_aes_iec958, eliminating t...

CVE-2022-48739 ASoC: hdmi-codec: Fix OOB memory accesses

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2024-29013

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service DoS via memcpy function...

CVE-2024-29013

Heap-based buffer overflow vulnerability in the SonicOS SSL-VPN allows an authenticated remote attacker to cause Denial of Service DoS via memcpy function...

CVE-2024-29013

Affected product: SonicOS SSL-VPN (SonicWall SonicOS). Issue: heap-based buffer overflow in the memcpy function, enabling an authenticated remote attacker to cause Denial of Service. Documents indicate the vulnerability exists in SonicOS SSL-VPN; exploitation status is not publicly demonstrated i...

SonicWALL SonicOS 安全漏洞

SonicWALL SonicOS is a set of operating systems designed for SonicWall firewall appliances from SonicWALL, Inc. A security vulnerability exists in SonicWALL SonicOS SSL-VPN. A remote attacker could exploit this vulnerability to cause a denial of service DoS via the memcpy function...

CVE-2022-48739

In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iecstatus array by changing it to the size of status array of the struct sndaesiec958. This fixes out-of-bounds slab read accesses made by memcpy of the hdmi-codec driver...

CVE-2022-48744

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-time and run-time field bounds checking for memcpy, memmove, and memset, avoid intentionally writing across neighboring fields. Use...

CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

CVE-2021-47580

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47580 scsi: scsi_debug: Fix type in min_t to avoid stack OOB

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...

CVE-2021-47578 scsi: scsi_debug: Don't call kcalloc() if size arg is zero

In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Don't call kcalloc if size arg is zero If the size arg to kcalloc is zero, it returns ZEROSIZEPTR. Because of that, for a following NULL pointer check to work on the returned pointer, kcalloc must not be called...

DEBIAN-CVE-2024-38585

In the Linux kernel, the following vulnerability has been resolved: tools/nolibc/stdlib: fix memory error in realloc Pass userplen to memcpy instead of heap-len to prevent realloc from copying an extra sizeofheap bytes from beyond the allocated region...

UBUNTU-CVE-2024-38585

In the Linux kernel, the following vulnerability has been resolved: tools/nolibc/stdlib: fix memory error in realloc Pass userplen to memcpy instead of heap-len to prevent realloc from copying an extra sizeofheap bytes from beyond the allocated region...