1757 matches found
CVE-2024-43380 fugit parse and parse_nat stall on lengthy input
fugit contains time tools for flor and the floraison group. The fugit "natural" parser, that turns "every wednesday at 5pm" into "0 17 * * 3", accepted any length of input and went on attempting to parse it, not returning promptly, as expected. The parse call could hold the thread with no end in sigh...
GSD-2023-1002417 nilfs2: fix underflow in second superblock position calculations
nilfs2: fix underflow in second superblock position calculations This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.306 by commit...
GSD-2023-1002414 net: USB: Fix wrong-direction WARNING in plusb.c
net: USB: Fix wrong-direction WARNING in plusb.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.273 by commit...
GSD-2023-1002404 net: USB: Fix wrong-direction WARNING in plusb.c
net: USB: Fix wrong-direction WARNING in plusb.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...
GSD-2023-1002403 net: sched: sch: Bounds check priority
net: sched: sch: Bounds check priority This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...
GSD-2023-1002394 ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak
ASoC: SOF: Intel: hda-dai: fix possible stream_tag leak This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.232 by commit...
GSD-2023-1002387 net: USB: Fix wrong-direction WARNING in plusb.c
net: USB: Fix wrong-direction WARNING in plusb.c This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.168 by commit...
GSD-2023-1002386 cifs: Fix use-after-free in rdata->read_into_pages()
cifs: Fix use-after-free in rdata->read_into_pages() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.168 by commit...
GSD-2023-1002372 net: sched: sch: Fix off by one in htb_activate_prios()
net: sched: sch: Fix off by one in htb_activate_prios() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.169 by commit...
GSD-2023-1002368 xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr()
xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.94 by commit...
GSD-2023-1002366 RDMA/irdma: Fix potential NULL-ptr-dereference
RDMA/irdma: Fix potential NULL-ptr-dereference This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.94 by commit...
GSD-2023-1002357 ALSA: hda: Do not unset preset when cleaning up codec
ALSA: hda: Do not unset preset when cleaning up codec This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.95 by commit...
GSD-2023-1002336 of: Make OF framebuffer device names unique
of: Make OF framebuffer device names unique This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.12 by commit...
GSD-2023-1002321 net: ethernet: mtk_eth_soc: Avoid truncating allocation
net: ethernet: mtk_eth_soc: Avoid truncating allocation This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.13 by commit...
GSD-2023-1002301 net/sched: tcindex: search key must be 16 bits
net/sched: tcindex: search key must be 16 bits This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.13 by commit...
PT-2023-35388 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.13 Description: The issue is related to possible resource leaks in some error paths in the mmc: sdio component. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...
GSD-2023-1002273 nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame()
nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.270 by commit...
GSD-2023-1002254 HID: betop: check shape of output reports
HID: betop: check shape of output reports This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.272 by commit...
GSD-2023-1002246 x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL
x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.272 by commit...