CLSA-2025-1739525795 kernel: Fix of 24 CVEs

media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat CVE-2024-53104 - wifi: ath9k: add range check for connrspepid in htcconnectservice CVE-2024-53156 - xsk: fix OOB map writes when deleting elements CVE-2024-56614 - hvsock: Initializing vsk-trans to NULL to prevent a...

AZL-55748 CVE-2024-56615 affecting package kernel for versions less than 6.6.76.1-1

In the Linux kernel, the following vulnerability has been resolved: bpf: fix OOB devmap writes when deleting elements Jordy reported issue against XSKMAP which also applies to DEVMAP - the index used for accessing map entry, due to being a signed integer, causes the OOB writes. Fix is simple as...

CVE-2024-11236

CVE-2024-11236 affects PHP versions with ldap_escape() on 32-bit systems where uncontrolled long inputs can overflow an integer, causing an out-of-bounds write. Affected are PHP 8.1.x before 8.1.31, 8.2.x before 8.2.26, and 8.3.x before 8.3.14. The issue is described in multiple sources, includin...

Mageia: Security Advisory (MGASA-2017-0083)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FaceTime - 'readSPSandGetDecoderParams' Stack Corruption

There are a variety of problems that occur when processing malformed H264 streams in readSPSandGetDecoderParams, leading to OOB read, OOB write and stackchk crashes. I think the root cause is stack corruption. This issue can occur if someone accepts a malicious FaceTime call. To reproduce the...

Code injection

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

CVE-2017-6307

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

CVE-2017-6307

CVE-2017-6307 affects the tnef project (MS-TNEF MIME unpacker). The issue is two out-of-bounds writes in mapi_attr_read() (src/mapi_attr.c) that could lead to invalid read/write operations, with the advisory stating vulnerable versions up to 1.4.13 and fixes delivered in newer releases. Fedora an...

CVE-2017-6307

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

CVE-2017-6307

An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...

openSUSE Security Update : compat-openssl098 (openSUSE-2016-1189)

This update for compat-openssl098 fixes the following issues : OpenSSL Security Advisory 22 Sep 2016 bsc999665 Severity: High - OCSP Status Request extension unbounded memory growth CVE-2016-6304 bsc999666 Severity: Low - Pointer arithmetic undefined behaviour CVE-2016-2177 bsc982575 - Constant...