35 matches found
CVE-2025-40193
In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: add input size check in procwritesimdisk A malicious user could pass an arbitrarily bad value to memdupusernul, potentially causing kernel crash. This follows the same pattern as commit ee76746387f6 "netdevsim:...
CVE-2025-40193
In the Linux kernel, the following vulnerability has been resolved: xtensa: simdisk: add input size check in procwritesimdisk A malicious user could pass an arbitrarily bad value to memdupusernul, potentially causing kernel crash. This follows the same pattern as commit ee76746387f6 "netdevsim:...
Linux Distros Unpatched Vulnerability : CVE-2024-36935
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ice: ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel...
Linux Distros Unpatched Vulnerability : CVE-2024-38560
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized...
Linux Distros Unpatched Vulnerability : CVE-2024-36934
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bna: Ensure that the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of size nbytes and copy nbytes from user space to that buffer. Later, we use sscanf on this buffer, but we do not ensure...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buffer is terminated with NUL characters. Currently, we allocate a kernel buffer of a certain size and copy data from user space to that buffer. Later, we use kstrtouint on this buffer, but we do not...
kernel: octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
kernel: octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-38559
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...
CVE-2024-38560
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...
CVE-2024-38560 scsi: bfa: Ensure the copied buf is NUL terminated
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...
CVE-2024-38560
The CVE-2024-38560 entry concerns Linux kernel SCSI (bfa) code. A vulnerable path copies nbytes from userspace into a kernel buffer without guaranteeing a NUL terminator, enabling an OOB read when sscanf is applied. The issue is fixed by replacing memdup_user with memdup_user_nul to ensure proper...
CVE-2024-38560 scsi: bfa: Ensure the copied buf is NUL terminated
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...
CVE-2024-38559 scsi: qedf: Ensure the copied buf is NUL terminated
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...
CVE-2024-38559 scsi: qedf: Ensure the copied buf is NUL terminated
In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is...
CVE-2024-36935
A flaw was found in the ice module in the Linux kernel. Data from the user space is copied to a kernel buffer without making sure it is NULL terminated, causing an out-of-bounds read and resulting in a denial of service...
CVE-2024-36934
In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated...
SUSE CVE-2024-36934
In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated...
DEBIAN-CVE-2024-36935
In the Linux kernel, the following vulnerability has been resolved: ice: ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count bytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is...