UBUNTU-CVE-2024-42072

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix maygoto with negative offset. Zac's syzbot crafted a bpf prog that exposed two bugs in maygoto. The 1st bug is the way maygoto is patched. When offset is negative it should be patched differently. The 2nd bug is in the...

CVE-2024-42072 bpf: Fix may_goto with negative offset.

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix maygoto with negative offset. Zac's syzbot crafted a bpf prog that exposed two bugs in maygoto. The 1st bug is the way maygoto is patched. When offset is negative it should be patched differently. The 2nd bug is in the...

CVE-2024-41065 powerpc/pseries: Whitelist dtl slub object for copying to userspace

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Whitelist dtl slub object for copying to userspace Reading the dispatch trace log from /sys/kernel/debug/powerpc/dtl/cpu- results in a BUG when the config CONFIGHARDENEDUSERCOPY is enabled as shown below. kernel...

DEBIAN-CVE-2024-41019

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for ff offset. There is a check on rt-firstfree at first, but walking through by ff without any check. If the second ff is a large offset. We may encounter an out-of-bound read...

UBUNTU-CVE-2024-41019

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for ff offset. There is a check on rt-firstfree at first, but walking through by ff without any check. If the second ff is a large offset. We may encounter an out-of-bound read...

CVE-2024-41019 fs/ntfs3: Validate ff offset

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for ff offset. There is a check on rt-firstfree at first, but walking through by ff without any check. If the second ff is a large offset. We may encounter an out-of-bound read...

CVE-2024-41019 fs/ntfs3: Validate ff offset

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for ff offset. There is a check on rt-firstfree at first, but walking through by ff without any check. If the second ff is a large offset. We may encounter an out-of-bound read...

CVE-2024-41019

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validate ff offset This adds sanity checks for ff offset. There is a check on rt-firstfree at first, but walking through by ff without any check. If the second ff is a large offset. We may encounter an out-of-bound read...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a problem with the way it is patched at maygoto, which should be patched differently when the offset is...

CLSA-2024-1721929982 Fix CVE(s): CVE-2023-39128, CVE-2023-39129, CVE-2023-39130

SECURITY UPDATE: stack buffer overflow in adadecode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build -...

CLSA-2024-1721929836 Fix CVE(s): CVE-2023-39128, CVE-2023-39129, CVE-2023-39130

SECURITY UPDATE: stack buffer overflow in adadecode - debian/patches/CVE-2023-39128.patch: Fix stack buffer overflow - CVE-2023-39128 SECURITY UPDATE: stack buffer overflow - debian/patches/CVE-2023-39129.patch: Verify COFF symbol stringtab offset and fix problem with 32bit architecture build -...

kernel: smb: client: fix potential OOBs in smb2_parse_contexts()

A flaw was found in the smb client in the Linux kernel. A potential out-of-bounds error was seen in the smb2parsecontexts function. Validate offsets and lengths before dereferencing create contexts in smb2parsecontexts...

A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted xy offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

...

SUSE CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

SUSE CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

DEBIAN-CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

UBUNTU-CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndissetresponse If "BufOffset" is very large the "BufOffset + 8" operation can have an integer overflow...

DEBIAN-CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

UBUNTU-CVE-2022-48827

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...

CVE-2022-48827 NFSD: Fix the behavior of READ near OFFSET_MAX

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...