CVE-2022-48934

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min 0 and max NFPMAXMACINDEX inclusive. So NFPMAXMACINDEX 0xff is a valid id. In order for the error handling path to work correctly, t...

CVE-2022-48934 nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min 0 and max NFPMAXMACINDEX inclusive. So NFPMAXMACINDEX 0xff is a valid id. In order for the error handling path to work correctly, t...

CVE-2022-48934

CVE-2022-48934 affects the Linux kernel code for nfp: flower. The issue is a leak in nfp_tunnel_add_shared_mac() related to ida_simple_get() returning an id in 0..NFP_MAX_MAC_INDEX (0xff) and the error path requiring the invalid ida_idx not to be within that range. The fix is to set the invalid v...

CVE-2022-48934 nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min 0 and max NFPMAXMACINDEX inclusive. So NFPMAXMACINDEX 0xff is a valid id. In order for the error handling path to work correctly, t...

CVE-2022-48934

In the Linux kernel, the following vulnerability has been resolved: nfp: flower: Fix a potential leak in nfptunneladdsharedmac idasimpleget returns an id between min 0 and max NFPMAXMACINDEX inclusive. So NFPMAXMACINDEX 0xff is a valid id. In order for the error handling path to work correctly, t...

CVE-2021-47054

In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro...

CVE-2021-47054 bus: qcom: Put child node before return

In the Linux kernel, the following vulnerability has been resolved: bus: qcom: Put child node before return Put child node before return to fix potential reference count leak. Generally, the reference count of child is incremented and decremented automatically in the macro...

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-5992

A vulnerability was found in OpenSC where PKCS1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data...

CVE-2023-20575

A flaw was found in hw, where a potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM, potentially resulting in a leak of sensitive information. Mitigatio...

GLSA-202305-27 : Tinyproxy: Memory Disclosure

The remote host is affected by the vulnerability described in GLSA-202305-27 Tinyproxy: Memory Disclosure - Potential leak of left-over heap data if custom error page templates containing special non-standard variables are used. Tinyproxy commit 84f203f and earlier use uninitialized buffers in...

GSD-2023-1001080 misc: ocxl: fix possible name leak in ocxl_file_register_afu()

misc: ocxl: fix possible name leak in ocxlfileregisterafu This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

CVE-2022-40468

CVE-2022-40468 affects tinyproxy. The issue is a potential leak of left-over heap data when using custom error page templates with non-standard variables, caused by uninitialized buffers in process_request() and related header handling. Multiple advisories confirm risk across distros, including D...

Memory corruption

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...

GSD-2022-1000859 nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()

nfp: flower: Fix a potential leak in nfptunneladdsharedmac This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.103 by commit...

GSD-2022-1000807 nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()

nfp: flower: Fix a potential leak in nfptunneladdsharedmac This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.26 by commit...

GSD-2022-1000741 nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()

nfp: flower: Fix a potential leak in nfptunneladdsharedmac This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.12 by commit...

CVE-2021-29982

Due to incorrect JIT optimization, we incorrectly interpreted data from the wrong type of object, resulting in the potential leak of a single bit of memory. This vulnerability affects Firefox 91 and Thunderbird 91...

CentOS 8 : thunderbird (CESA-2020:3341)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:3341 advisory. - Mozilla: Potential leak of redirect targets when loading scripts in a worker CVE-2020-15652 - Mozilla: Memory safety bugs fixed in Firefox 79 and...

RHEL 8 : thunderbird (RHSA-2020:3342)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3342 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 68.11.0. Security Fixes:...