1716 matches found
CVE-2023-52631
CVE-2023-52631 affects the Linux kernel NTFS3 path. The issue is a NULL dereference in ntfs_load_attr_list() caused by a 32-bit overflow in size calculation (le32_to_cpu(attr->res.data_size) + 1023), which can yield zero and make kmalloc return ZERO_SIZE_PTR, leading to a crash on memcpy. The ...
CVE-2023-52631
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix an NULL dereference bug The issue here is when this is called from ntfsloadattrlist. The "size" comes from le32tocpuattr-res.datasize so it can't overflow on a 64bit systems but on 32bit systems the "+ 1023" can...
CVE-2024-26645
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...
CVE-2024-26645
In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracingmap Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram...
CVE-2024-26645
CVE-2024-26645 : The issue is in the Linux kernel tracing subsystem (tracing_map) where a race can occur when inserting a new element. The root cause is CPU reordering between memcpy(elt->key, key, map->key_size) and entry->val = elt in __tracing_map_insert(), which can cause a later che...
PT-2024-27210
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a memcpy field-spanning write warning in the Linux kernel's mpi3mr driver. When the "storcli2 show" command is executed for eHBA-9600, the driver prints a warning...
kernel: CIFS Filesystem Decryption Improper Input Validation Remote Code Execution Vulnerability in function receive_encrypted_standard of client
An out-of-bounds memory read flaw was found in receiveencryptedstandard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service...
BIT-PILLOW-2021-25290
An issue was discovered in Pillow before 8.1.1. In TiffDecode.c, there is a negative-offset memcpy with an invalid size...
DEBIAN-CVE-2022-48627
In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scrmemcpyw is optimized to memcpy because memcpy...
CVE-2022-48627
In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scrmemcpyw is optimized to memcpy because memcpy...
PT-2024-14603 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A data race issue was found in the Linux kernel, specifically in the bpf long memcpy function. This issue was reported by syzbot. Recommendations: At the moment, there is no informatio...
CentOS 9 : libtiff-4.4.0-2.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libtiff-4.4.0-2.el9 build changelog. - Null source pointer passed as an argument to memcpy function within TIFFFetchStripThing in tifdirread.c in libtiff versions from 3.9.0 to...
CVE-2021-46951 tpm: efi: Use local variable for calculating final log size
In the Linux kernel, the following vulnerability has been resolved: tpm: efi: Use local variable for calculating final log size When tpmreadlogefi is called multiple times, which happens when one loads and unloads a TPM2 driver multiple times, then the global variable efitpmfinallogsize will at...
CVE-2021-46913
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when walki...
DEBIAN-CVE-2021-46913
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when walki...
CVE-2021-46913 netfilter: nftables: clone set element expression template
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when walki...
CVE-2021-46913
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when walki...
CVE-2021-46913 netfilter: nftables: clone set element expression template
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: clone set element expression template memcpy breaks when using connlimit in set elements. Use nftexprclone to initialize the connlimit expression list, otherwise connlimit garbage collector crashes when walki...
FreeBSD : lizard -- Negative size passed to memcpy resulting in memory corruption (67c2eb06-5579-4595-801b-30355be24654)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 67c2eb06-5579-4595-801b-30355be24654 advisory. - In Lizard v1.0 and LZ5 v2.0 the prior release, before the product was renamed, there is an unchecked...
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-488)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-488 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: disable sending iouring over sockets CVE-2023-52654 In the Linux kernel, the following vulnerability has been...