2927 matches found
CVE-2024-47181 Unaligned memory access in RPL option processing in Contiki-NG
Contiki-NG is an open-source, cross-platform operating system for IoT devices. An unaligned memory access can be triggered in the two RPL implementations of the Contiki-NG operating system. The problem can occur when either one of these RPL implementations is enabled and connected to an RPL...
SUSE CVE-2020-8911
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code MAC, which then allows an attacker who has write access to the target's S3 bucket and can observe...
CLSA-2024-1732197150 Fix of 20 CVEs
Update to 8u432-ga fixing a number of CVEs - CVE-2024-20918: missing array range check in C1 compiler leads to out-of-bounds access - CVE-2024-20919: unverified bytecode execution because of the flaw in JVM class file verifier - CVE-2024-20921: optimization issue of loop range check in IfNode and...
kernel: arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
kernel: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section
In the Linux kernel, the following vulnerability has been resolved: x86/efistub: Use 1:1 file:memory mapping for PE/COFF .compat section The .compat section is a dummy PE section that contains the address of the 32-bit entrypoint of the 64-bit kernel image if it is bootable from 32-bit firmware...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure of the xfrm module to properly handle padding data when dumping algorithms, which could lead to...
SUSE CVE-2024-49997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
CVE-2024-49997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
AZL-51834 CVE-2024-49997 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
CVE-2024-49997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
DEBIAN-CVE-2024-49997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
UBUNTU-CVE-2024-49997
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
CVE-2024-49997 net: ethernet: lantiq_etop: fix memory disclosure
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
CVE-2024-49997 net: ethernet: lantiq_etop: fix memory disclosure
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
CVE-2024-49997
CVE-2024-49997 is a Linux kernel vulnerability where padding was not zeroed, causing memory disclosure observable on the wire in the net: ethernet: lantiq_etop driver. The root cause is missing zeroing during padding; the patch adds skb_put_padto() to pad Ethernet frames and zero expanded buffers...
CVE-2024-49997 net: ethernet: lantiq_etop: fix memory disclosure
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: lantiqetop: fix memory disclosure When applying padding, the buffer is not zeroed, which results in memory disclosure. The mentioned data is observed on the wire. This patch uses skbputpadto to pad Ethernet frames...
kernel: sched: act_ct: take care of padding in struct zones_ht_key
rhashtablelookup may be using padding bytes which are not initialized. This may lead to possible compromised Availability...
kernel: sched: act_ct: take care of padding in struct zones_ht_key
rhashtablelookup may be using padding bytes which are not initialized. This may lead to possible compromised Availability...
kernel: sched: act_ct: take care of padding in struct zones_ht_key
rhashtablelookup may be using padding bytes which are not initialized. This may lead to possible compromised Availability...
CVE-2024-42272
...