CVE-2024-35917 s390/bpf: Fix bpf_plt pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfplt pointer arithmetic Kui-Feng Lee reported a crash on s390x triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00 s390xsysbpf+0x44/0x50 dosyscall+0x244/0x300...

CVE-2024-35917 s390/bpf: Fix bpf_plt pointer arithmetic

In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpfplt pointer arithmetic Kui-Feng Lee reported a crash on s390x triggered by the dummystops/dummyinitptrarg test 1: 0x2 bpfstructopstestrun+0x156/0x250 sysbpf+0xa1a/0xd00 s390xsysbpf+0x44/0x50 dosyscall+0x244/0x300...

USN-6736-1: klibc vulnerabilities

It was discovered that zlib, vendored in klibc, incorrectly handled pointer arithmetic. An attacker could use this issue to cause klibc to crash or to possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 Danilo Ramos discovered that zlib, vendored in klibc, incorrectly handled memory whe...

BIT-TENSORFLOW-2021-29614 Interpreter crash from `tf.io.decode_raw`

TensorFlow is an end-to-end open source platform for machine learning. The implementation of tf.io.decoderaw produces incorrect results and crashes the Python interpreter when combining fixedlength and wider datatypes. The implementation of the padded...

SUSE CVE-2023-52531

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc'ed for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate 'mvm-nvmdata' is a 'struct iwlnvmdata', so it is...

CVE-2021-47107

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small say, zero, then the buffer size calculation in the new initdirlist helper functions results in an underflow, allowing the XDR stream...

Buffer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small say, zero, then the buffer size calculation in the new initdirlist helper functions results in an underflow, allowing the XDR stream...

CVE-2021-47107

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix READDIR buffer overflow If a client sends a READDIR count argument that is too small say, zero, then the buffer size calculation in the new initdirlist helper functions results in an underflow, allowing the XDR stream...

DEBIAN-CVE-2023-52531

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc'ed for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate 'mvm-nvmdata' is a 'struct iwlnvmdata', so it is...

UBUNTU-CVE-2023-52531

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc'ed for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate 'mvm-nvmdata' is a 'struct iwlnvmdata', so it is...

Memory corruption

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc'ed for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate 'mvm-nvmdata' is a 'struct iwlnvmdata', so it is...

CVE-2023-52531 wifi: iwlwifi: mvm: Fix a memory corruption issue

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc'ed for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate 'mvm-nvmdata' is a 'struct iwlnvmdata', so it is...

CVE-2023-52531 wifi: iwlwifi: mvm: Fix a memory corruption issue

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc'ed for: sizeofstruct iwlnvmdata + sizeofstruct ieee80211channel + sizeofstruct ieee80211rate 'mvm-nvmdata' is a 'struct iwlnvmdata', so it is...

SUSE CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the offreg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the offreg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the offreg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

DEBIAN-CVE-2021-46974

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix masking negation logic upon negative dst register The negation logic for the case where the offreg is sitting in the dst register is not correct given then we cannot just invert the add to a sub or vice versa. As a fix,...

UBUNTU-CVE-2024-26589

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

CVE-2024-26589 bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS

In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTRTOFLOWKEYS For PTRTOFLOWKEYS, checkflowkeysaccess only uses fixed off for validation. However, variable offset ptr alu is not prohibited for this ptr kind. So the variable offset is not...

kernel: speculative pointer dereference in do_prlimit() in kernel/sys.c

A vulnerabilty was found in Linux Kernel, where a speculative pointer dereference problem exists in the Linux Kernel on the doprlimit function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents...