321 matches found
CVE-2024-42227 drm/amd/display: Fix overlapping copy within dml_core_mode_programming
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dmlcoremodeprogramming WHY &modelib-mp.Watermark and &locals-Watermark are the same address. memcpy may lead to unexpected behavior. HOW memmove should be used...
CVE-2024-42227 drm/amd/display: Fix overlapping copy within dml_core_mode_programming
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix overlapping copy within dmlcoremodeprogramming WHY &modelib-mp.Watermark and &locals-Watermark are the same address. memcpy may lead to unexpected behavior. HOW memmove should be used...
CVE-2024-39480
In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...
CVE-2024-39480
In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...
CVE-2024-39480 kdb: Fix buffer overflow during tab-complete
In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...
CVE-2024-39480 kdb: Fix buffer overflow during tab-complete
In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdb will use strncpy to insert the completed symbol into the command buffer. Unfortunately it passes the size of t...
LZ4: Memory Corruption
Background LZ4 is a lossless compression algorithm, providing compression speed 500 MB/s per core, scalable with multi-cores CPU. It features an extremely fast decoder, with speed in multiple GB/s per core, typically reaching RAM speed limits on multi-core systems. Description An attacker who...
lz4: memory corruption due to an integer overflow bug caused by memmove argument
There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability...
SUSE CVE-2024-35823
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 "vt: fix memory overlapping when deleting chars in the buffer". The cure is also the...
CVE-2024-35823
A vulnerability as found in the Linux kernel’s virtual terminal VT subsystem, which could lead to unicode buffer corruption when deleting characters. This issue arises from improper handling of unicode data, which can corrupt memory or lead to unintended behavior. Mitigation Mitigation for this...
DEBIAN-CVE-2024-35823
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 "vt: fix memory overlapping when deleting chars in the buffer". The cure is also the...
CVE-2024-35823
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 "vt: fix memory overlapping when deleting chars in the buffer". The cure is also the...
UBUNTU-CVE-2024-35823
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 "vt: fix memory overlapping when deleting chars in the buffer". The cure is also the...
CVE-2024-35823 vt: fix unicode buffer corruption when deleting characters
In the Linux kernel, the following vulnerability has been resolved: vt: fix unicode buffer corruption when deleting characters This is the same issue that was fixed for the VGA text buffer in commit 39cdb68c64d8 "vt: fix memory overlapping when deleting chars in the buffer". The cure is also the...
CVE-2024-35823
CVE-2024-35823: Linux kernel vt buffer corruption when deleting characters has been fixed. Root cause: overlapping buffers in VT text handling; solution: replace memcpy() with memmove() (same approach as VGA text buffer fix). Affected component: vt in the Linux kernel. Remediation: upgrade to a k...
DEBIAN-CVE-2022-48627
In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer A memory overlapping copy occurs when deleting a long line. This memory overlapping copy can cause data corruption when scrmemcpyw is optimized to memcpy because memcpy...
DEBIAN-CVE-2023-52497
In the Linux kernel, the following vulnerability has been resolved: erofs: fix lz4 inplace decompression Currently EROFS can map another compressed buffer for inplace decompression, that was used to handle the cases that some pages of compressed data are actually not in-place I/O. However, like...
CLSA-2023-1695326199 lz4: Fix of CVE-2021-3520
CVE-2021-3520: Fix potential memory corruption with negative memmove size...
Denial Of Service (DoS)
libbzip3.so is vulnerable to Denial of Service DoS. The vulnerability exists in bz3decodeblock function of libbz3.c due to an invalid memmove causing an application crash...
CVE-2023-29420
An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3decodeblock...