PT-2023-8854 · Vim +6 · Vim +6

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 9.0.2107 Description: A floating point exception may occur in Vim when calculating the line offset for overlong lines and smooth scrolling is enabled, along with the 'cpo' settings including the n flag. This issue is...

Amazon Linux 2 : qemu (ALAS-2023-2336)

The version of qemu installed on the remote host is prior to 3.1.0-8. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2336 advisory. A bug in QEMU could cause a guest I/O operation otherwise addressed to an arbitrary disk offset to be targeted to offset 0 instead...

kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckeyadd...

kernel: bus: mhi: host: Range check CHDBOFF and ERDBOFF

A missing bounds check flaw was found in the Linux kernel's Modem Host Interface bus driver in the channel doorbell offset validation logic. A local user can trigger this issue on systems with MHI devices typically Qualcomm modems or wireless cards by using a device that provides malformed or...

Fedora 37 : xorg-x11-server (2023-f111d2f306)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-f111d2f306 advisory. Security fix for CVE-2023-5367, CVE-2023-5380 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note...

xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty

A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...

RHEL 7 : xorg-x11-server (RHSA-2023:6802)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6802 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user...

CVE-2023-47359

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket and results in a memory corruption...

DEBIAN-CVE-2023-47359

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket and results in a memory corruption...

UBUNTU-CVE-2023-47359

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket and results in a memory corruption...

kernel: drm/i915: Fix a memory leak with reused mmap_offset

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix a memory leak with reused mmapoffset drmvmanodeallow and drmvmanoderevoke should be called in balanced pairs. We call drmvmanodeallow once per-file everytime a user calls mmapoffset, but only call drmvmanoderevoke...

kernel: wifi: iwlwifi: mvm: fix potential array out of bounds access

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWLSECWEPKEYOFFSET when needed while verifying keylen size in iwlmvmseckeyadd...

kernel: erspan: do not use skb_mac_header() in ndo_start_xmit()

In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skbmacheader in ndostartxmit Drivers should not assume skbmacheaderskb == skb-data in their ndostartxmit. Use skbnetworkoffset and skbtransportoffset which better describe what is needed in erspanfbxmit and...

glib: GVariant offset table entry size is not checked in is_normal()

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...

CVE-2023-22388 Use of Out-of-range Pointer Offset in Multi-mode Call Processor

Memory Corruption in Multi-mode Call Processor while processing bit mask API...

CVE-2023-22388 Use of Out-of-range Pointer Offset in Multi-mode Call Processor

Memory Corruption in Multi-mode Call Processor while processing bit mask API...

CVE-2023-47359

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket and results in a memory corruption...

VideoLAN VLC media player security vulnerability

VideoLAN VLC media player is a free, open source cross-platform multimedia player also a multimedia framework organized by VideoLAN France. It supports the playback of a wide range of media files, CD-ROMs, etc., audio and video formats WMV, MP3, etc., and more. A security vulnerability exists in...

PT-2023-9354 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel affected versions not specified Description: The issue is related to a slab out-of-bounds write in the smb inherit dacl function, caused by offsets being larger than the pntsd allocation size. This can lead to unauthorized access...

Fedora 39 : freerdp (2023-74108ca60d)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-74108ca60d advisory. Update to 2.11.1 ---- Update to 2.11.0 CVE-2023-39350, CVE-2023-39351, CVE-2023-39352, CVE-2023-39353, CVE-2023-39354, CVE-2023-39356, CVE-2023-4018...