112 matches found
DEBIAN-CVE-2024-49861
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...
UBUNTU-CVE-2024-49861
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix helper writes to read-only maps Lonial found an issue that despite user- and BPF-side frozen BPF map like in case of .rodata, it was still possible to write into it from a BPF program side through specific helpers having...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: prefer nftchainvalidate CVE-2024-41042 In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Sanitise numphys CVE-2024-42159 In the Linux kernel, the following...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-52620 In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add NULL ptr dereference checking at the end of attrallocatefra...
CVE-2023-52619 pstore/ram: Fix crash when setting number of cpus to an odd number
In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers, the zone size will become an odd number. The address of the zone will become: addr of zone0 =...
kernel: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...
K000137107: Crypto++ vulnerability CVE-2022-48570
Security Advisory Description Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-143...
SUSE CVE-2018-6484
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
OESA-2023-1009 ImageMagick security update
Security Fixes: In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to...
Ubuntu: Security Advisory (USN-162-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ALPINE-CVE-2021-28704
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
Design/Logic Flaw
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
USN-4218-1 eglibc vulnerability
Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...
USN-4218-1: GNU C Library vulnerability
Jakub Wilk discovered that GNU C Library incorrectly handled certain memory alignments. An attacker could possibly use this issue to execute arbitrary code or cause a crash...
EulerOS 2.0 SP2 : zziplib (EulerOS-SA-2019-2478)
According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The zziplib is a lightweight library to easily extract data from zip files.Security Fixes:An issue was discovered in ZZIPlib through 0.13.69...
Denial Of Service (DoS)
ZZIPlib is vulnerable to denial of service DoS attacks. The library contains a memory alignment error and bus error in the zzip/zip.c file, allowing a malicious user to pass a zip file to the application to cause it to crash...
Design/Logic Flaw
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
CVE-2018-6484
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
CVE-2018-6484
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
DEBIAN-CVE-2018-6484
In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...