2927 matches found
CVE-2024-39488
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
DEBIAN-CVE-2024-39488
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
CVE-2024-39488
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
UBUNTU-CVE-2024-39488
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
CVE-2024-39488 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
CVE-2024-39488
The CVE-2024-39488 issue is a Linux kernel arm64 bug related to end padding of bug_entry structures. When CONFIG_DEBUG_BUGVERBOSE=n, final bug_table entries in modules may lack trailing padding, causing the last entry to be ignored and potentially leading to an unexpected kernel panic during modu...
CVE-2024-39488 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
CVE-2024-39488 arm64: asm-bug: Add .align 2 to the end of __BUG_ENTRY
In the Linux kernel, the following vulnerability has been resolved: arm64: asm-bug: Add .align 2 to the end of BUGENTRY When CONFIGDEBUGBUGVERBOSE=n, we fail to add necessary padding bytes to bugtable entries, and as a result the last entry in a bug table will be ignored, potentially leading to a...
Opensc: side-channel leaks while stripping encryption pkcs#1 padding
...
SUSE CVE-2024-38586
In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...
June 20, 2024—KB5041054 (OS Build 20348.2529) Out-of-band
June 20, 2024—KB5041054 OS Build 20348.2529 Out-of-band For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to fin...
DEBIAN-CVE-2024-38586
In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...
CVE-2024-38586
In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...
UBUNTU-CVE-2024-38586
In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...
CVE-2024-38586
CVE-2024-38586 : Linux kernel r8169/RTL8125b transmit path issue leading to possible ring-buffer corruption when transmitting small fragmented packets. Root cause: rtl8169_start_xmit() failed to detect changes to nr_frags after padding in rtl8169_tso_csum_v2(), causing invalid entries in the tran...
CVE-2024-38586 r8169: Fix possible ring buffer corruption on fragmented Tx packets.
In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An issue was found on the RTL8125b when transmitting small fragmented packets, whereby invalid entries were inserted into the transmit ring buffer, subsequently...
BIT-PHP-2024-2408 PHP is vulnerable to the Marvin Attack
The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...
Medium: opensc
Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 Affected Packages: opensc Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...
Medium: opensc
Issue Overview: A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data. CVE-2023-5992 Affected Packages: opensc Note: This advisory is applicable to Amazon Linux 2 AL2 Cor...
CVE-2024-2408
The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...