81 matches found
CVE-2022-49701
The CVE-2022-49701 entry documents a Linux kernel issue in the ibmvfc SCSI driver where queue resources (sub-queues and event pool) are allocated/freed on every CRQ connection event (e.g., reset, LPM) instead of only during probe/remove. This can cause memory inefficiency, potential allocation fa...
[SECURITY] [DLA 4064-1] libxml2 security update
Debian LTS Advisory DLA-4064-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost February 22, 2025 https://wiki.debian.org/LTS Package : libxml2 Version : 2.9.10+dfsg-6.7+deb11u6 CVE ID : CVE-2022-49043 CVE-2023-39615 CVE-2023-45322 CVE-2024-25062 CVE-2024-56171...
CVE-2024-55656
CVE-2024-55656 (RedisBloom Integer Overflow) affects RedisBloom module used with Redis. The vulnerability occurs in CMS.INITBYDIM when allocating memory for a Count-Min Sketch using user-supplied width/depth, allowing heap memory under-allocation, leading to out-of-bounds read (OOB read) and writ...
CVE-2023-52559 iommu/vt-d: Avoid memory allocation in iommu_suspend()
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Avoid memory allocation in iommususpend The iommususpend syscore suspend callback is invoked with IRQ disabled. Allocating memory with the GFPKERNEL flag may re-enable IRQs during the suspend callback, which can cause...
SUSE-SU-2022:4252-1 Security update for exiv2
This update for exiv2 fixes the following issues: - CVE-2019-13112: Fixed an uncontrolled memory allocation in PngChunk:parseChunkContent causing denial of service. bsc1142681 - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read. bsc1189332 - CVE-2021-34334: Fixed a DoS due to integer...
SUSE-SU-2022:3598-1 Security update for exiv2
This update for exiv2 fixes the following issues: - CVE-2021-37621: Fixed denial of service due to infinite loop in Image:printIFDStructure bsc1189333. - CVE-2021-37620: Fixed out-of-bounds read in XmpTextValue:read bsc1189332. - CVE-2021-37619: Fixed out-of-bounds read in...
CVE-2021-27411 Micrium OS Integer Overflow or Wraparound
Micrium OS Versions 5.10.1 and prior are vulnerable to integer wrap-around in functions MemDynPoolCreate, MemDynPoolCreateHW and MemPoolCreate. This unverified memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as very small blocks of memory being...
SUSE-SU-2022:14888-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2015-8683: Fixed out-of-bounds when reading CIE Lab image format files bsc1156754. - CVE-2015-8665: Fixed out-of-bounds read in tifgetimage.c bsc1156749. - CVE-2020-35521: Fixed memory allocation failure in tifread.c bsc1182808. -...
SUSE-SU-2022:0480-1 Security update for tiff
This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb bsc1071031. - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image bsc1154365. - CVE-2020-19131: Fixed buffer overflow in...
SUSE-SU-2022:14875-1 Security update for java-1_7_1-ibm
This update for java-171-ibm fixes the following issues: - Update to Java 7.1 Service Refresh 5 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. bsc1194198, bsc1192052 - CVE-2021-3558...
SUSE-SU-2022:0108-1 Security update for java-1_8_0-ibm
This update for java-180-ibm fixes the following issues: - Update to Java 8.0 Service Refresh 7 Fix Pack 0 - CVE-2021-41035: before version 0.29.0, the openj9 JVM does not throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods. bsc1194198, bsc1192052 - CVE-2021-3558...
SUSE-SU-2021:3771-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version OpenJDK 8u312 October 2021 CPU: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS bsc1191901. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser bsc1191910. - CVE-2021-35559: Fixed...
OPENSUSE-SU-2021:3770-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: Update to version OpenJDK 8u312 October 2021 CPU: - CVE-2021-35550: Fixed weak ciphers preferred over stronger ones for TLS bsc1191901. - CVE-2021-35556: Fixed excessive memory allocation in RTFParser bsc1191910. - CVE-2021-35559: Fixed...
OPENSUSE-SU-2021:1455-1 Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u312 build 07 with OpenJ9 0.29.0 virtual machine including Oracle July 2021 and October 2021 CPU changes - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder on Windows bsc1185056. ...
OPENSUSE-SU-2021:3615-1 Security update for java-1_8_0-openj9
This update for java-180-openj9 fixes the following issues: Update to OpenJDK 8u312 build 07 with OpenJ9 0.29.0 virtual machine including Oracle July 2021 and October 2021 CPU changes - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder on Windows bsc1185056. ...
OPENSUSE-SU-2021:1115-1 Security update for apache-commons-compress
This update for apache-commons-compress fixes the following issues: - Updated to 1.21 - CVE-2021-35515: Fixed an infinite loop when reading a specially crafted 7Z archive. bsc1188463 - CVE-2021-35516: Fixed an excessive memory allocation when reading a specially crafted 7Z archive. bsc1188464 -...
OPENSUSE-SU-2021:0670-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-23215: Fixed an integer-overflow in Imf25:DwaCompressor:initializeBuffers bsc1185216. - CVE-2021-26260: Fixed an Integer-overflow in Imf25:DwaCompressor:initializeBuffers bsc1185217. - CVE-2021-20296: Fixed a Null Pointer dereference ...
SUSE: Security Advisory (SUSE-SU-2016:3107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2019-0302 Updated java-1.8.0-openjdk packages fix security vulnerabilities
The updated packages fix several bugs and some security issues: Missing restrictions on use of custom SocketImpl Networking, 8218573. CVE-2019-2945 Improper handling of Kerberos proxy credentials Kerberos, 8220302. CVE-2019-2949 NULL pointer dereference in DrawGlyphList 2D, 8222690. CVE-2019-2962...
SUSE-SU-2018:1562-2 Security update for glibc
This update for glibc fixes the following issues: - CVE-2017-18269: Fix SSE2 memmove issue when crossing 2GB boundary bsc1094150 - CVE-2018-11236: Fix overflow in path length computation bsc1094161 - CVE-2018-11237: Don't write beyond buffer destination in mempcpyavx512novzeroupper bsc1094154 Non...