CLSA-2024-1722529534 libtiff: Fix of 2 CVEs

CVE-2023-52356: added proper validation and boundary checks to prevent the SEGV and potential heap-buffer overflow - CVE-2023-52355: added functionality to set a maximum possible allocation size in bytes in order to prevent out-of-memory issues when opening a TIFF file and added memory limit...

CVE-2023-52868 thermal: core: prevent potential string overflow

In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...

CVE-2024-26733 arp: Prevent overflow in arp_req_get().

In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arpreqget. syzkaller reported an overflown write in arpreqget. 0 When ioctlSIOCGARP is issued, arpreqget looks up an neighbour entry and copies neigh-ha to struct arpreq.arpha.sadata. The arpha here is...