Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from the failure to correctly validate offsets when processing JSON inputs with formattin...

SUSE CVE-2023-54186

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

EUVD-2023-60455

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

CVE-2023-54186

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

CVE-2023-54186

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

UBUNTU-CVE-2023-54186

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

CVE-2023-54186

CVE-2023-54186 relates to the Linux kernel’s usb: typec: altmodes/displayport code path. The underlying issue was a negative indexing regression in pin_assignment_show triggered when get_current_pin_assignments returns 0 (no compatible pin assignments). This produced a KASAN use-after-free condit...

CVE-2023-54186 usb: typec: altmodes/displayport: fix pin_assignment_show

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pinassignmentshow This patch fixes negative indexing of buf array in pinassignmentshow when getcurrentpinassignments returns 0 i.e. no compatible pin assignments are found. BUG: KASAN:...

EUVD-2022-0291

Malicious code in bioql PyPI...

EUVD-2024-41758

Malicious code in bioql PyPI...

CLSA-2025-1758193800 php: Fix of CVE-2020-7067

CVE-2020-7067: fix negative indexing in phpurldecode function...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the ALSA hda/via component potentially accessing negatively indexed arrays in the addsecretdacpath function...

CVE-2022-21728

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

CVE-2024-45573

Memory corruption may occour while generating test pattern due to negative indexing of display ID...

CVE-2024-45573 Use of Out-of-range Pointer Offset in Display

Memory corruption may occour while generating test pattern due to negative indexing of display ID...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from a negative indexing of display IDs, where memory corruption may occur when generating test patterns...

DEBIAN-CVE-2024-42121

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index msgid before read or write WHAT msgid is used as an array index and it cannot be a negative value, and therefore cannot be equal to MODHDCPMESSAGEIDINVALID -1. HOW Check whether msgid is valid before...

Out of bounds read in Tensorflow

Impact The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read: python import tensorflow as tf @tf.function def test: y = tf.rawops.ReverseSequence input = 'aaa','bbb', seqlengths = 1,1,1, seqdim = -10, batchdim = -...

PYSEC-2022-52

Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for ReverseSequence does not fully validate the value of batchdim and can result in a heap OOB read. There is a check to make sure the value of batchdim does not go over the rank of the input, but there...

CVE-2020-15207

CVE-2020-15207 affects TensorFlow Lite: negative indexing support uses ResolveAxis and only debug builds validate the converted index, allowing out-of-bounds access that can cause segfaults/data corruption. Affected: TensorFlow Lite before 1.15.4, 2.0.3, 2.1.2, 2.2.1, 2.3.1. Root cause: insuffici...