41 matches found
EUVD-2022-54907
Malicious code in bioql PyPI...
CVE-2022-50167
In the Linux kernel, the following vulnerability has been resolved: bpf: fix potential 32-bit overflow when accessing ARRAY map element If BPF array map is bigger than 4GB, element pointer calculation can overflow because both index and elemsize are u32. Fix this everywhere by forcing 64-bit...
CVE-2022-49320
In the Linux kernel, the following vulnerability has been resolved: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type In zynqmp_dma_alloc/free_chan_resources functions there is a potential overflow in the below expressions. dma_alloc_coherent(chan->dev, (2 * chan->desc_size * ZYNQMP_DMA_NUM_DESC...
CVE-2022-49320
The CVE-2022-49320 entry concerns the Linux kernel dmaengine for ZynqMP DMA. The root cause is an overflow risk in zynqmp_dma_alloc/free_chan_resources where 32-bit operands are used in size calculations (2 * chan->desc_size * ZYNQMP_DMA_NUM_DESCS). The fix changes the desc_size data type to s...
SUSE-SU-2024:2890-1 Security update for libqt5-qtbase
This update for libqt5-qtbase fixes the following issues: - CVE-2023-51714: Fixed an incorrect integer overflow check (bsc#1218413). - CVE-2024-39936: Fixed information leakage due to process HTTP2 communication before encrypted can be responded to (bsc#1227426) - CVE-2023-45935: Fixed NULL pointer...
CVE-2024-36948
In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_migrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...
CVE-2024-36948
In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_migrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...
CVE-2024-36948
CVE-2024-36948: In the Linux kernel, the drm/xe/xe_migrate code path cast to output precision before multiplying operands, addressing overflow when multiplying two 32-bit values before widening to 64-bit. Root cause: overflow in the result of multiplying two lower-precision (u32) operands prior ...
CVE-2024-36948 drm/xe/xe_migrate: Cast to output precision before multiplying operands
In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_migrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...
CVE-2024-36948 drm/xe/xe_migrate: Cast to output precision before multiplying operands
In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_migrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...
CVE-2024-26843 efi: runtime: Fix potential overflow of soft-reserved region size
In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region...
CVE-2024-26843
CVE-2024-26843: In the Linux kernel, the EFI runtime subsystem had a fix for a potential overflow in the soft-reserved region size. Specifically, md_size could be narrowed when there are >= 4 GiB worth of pages in a soft-reserved region. The vulnerability is reported as a local vulnerability w...
CVE-2024-26843
In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region...
CVE-2021-47172
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...
CVE-2021-47172
CVE-2021-47172 concerns the Linux kernel iio: adc: ad7124 driver. The vulnerability is a potential overflow caused by non sequential channel numbering (holes in channel indices) which can overflow the storage used for channel data. The bug was introduced while addressing ordering of child nodes a...
CVE-2021-47172 iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers
In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: Fix potential overflow due to non sequential channel numbers Channel numbering must start at 0 and then not have any holes, or it is possible to overflow the available storage. Note this bug was introduced as pa...
Upgraded Q -> 3 from #878 [1683053134023]
Judge has assessed an item in Issue 878 as 3 risk. The relevant finding follows: L-7 Potential overflow while updating reserves values in PrivatePool contract
GSD-2022-1006442 wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd()
wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version...
GSD-2022-1006415 wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd()
wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version...
GSD-2022-1006363 wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd()
wifi: iwlegacy: 4965: corrected fix for potential off-by-one overflow in il4965_rs_fill_link_cmd() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version...