7 matches found
CVE-2023-52988 ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path()
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda/via: Avoid potential array out-of-bound in addsecretdacpath sndhdagetconnections can return a negative error code. It may lead to accessing 'conn' array at a negative index. Found by Linux Verification Center...
Linux Distros Unpatched Vulnerability : CVE-2024-58015
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: ath12k: Fix for out-of bound access error Selfgen stats are placed in a buffer using printarraytobufindex function. Array length parameter passed to the...
CVE-2022-48979
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix array index out of bound error in DCN32 DML Why&How LinkCapacitySupport array is indexed with the number of voltage states and not the number of max DPPs. Fix the error by changing the array declaration to us...
[slackware-security] libarchive
New libarchive packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libarchive-3.7.3-i586-2slack15.0.txz: Rebuilt. Patched an out-of-bound error in the rar e8 filter that could allow for the...
Denial Of Service (DoS)
tensorflow is vulnerable to denial of service DoS attacks. When a MirrorPadGrad is given outsize input paddings, the library gives a heap out of bound error, which allows an attacker to cause tensorflow to crash...
Denial Of Service (DoS)
Spring Expression is vulnerable to denial of service. The vulnerability exists due to the creation of large array in a SpEL and sending meaningless error messages to the user which allows an attacker to send crafted SpEL expressions that leads to an out ouf bound error causing an application cras...
Remote Code Execution (RCE) Through Buffer Overread
libfontforge.so is vulnerable to remote code execution RCE attacks. A malicious user can pass a ttf file that when parsed causes an out-of-bound error that can crash the application or cause arbitrary code to be executed...