SUSE CVE-2018-8897

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual SDM was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for DB exceptions that are deferred by MOV SS or POP SS, as demonstrated ...

SUSE CVE-2019-11479

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kerne...

SUSE CVE-2019-14778

The mkv::virtualsegmentc::seek method of demux/mkv/virtualsegment.cpp in VideoLAN VLC media player 3.0.7.1 has a use-after-free...

SUSE CVE-2019-16778

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case datasize and numsegments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

SUSE CVE-2019-19449

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fsbuildsegmentmanager in fs/f2fs/segment.c, related to initminmaxmtime in fs/f2fs/segment.c because the second argument to getsegentry is not validated...

SUSE CVE-2019-19814

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause removedirtysegment slab-out-of-bounds write access because an array is bounded by the number of dirty types 8 but the array index can exceed this...

SUSE CVE-2019-20805

plxelf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PTDYNAMIC segment...

SUSE CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue...

SUSE CVE-2020-13988

An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uipprocess in net/ipv4/uip.c...

SUSE CVE-2020-27765

A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause...

SUSE CVE-2021-29552

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...

SUSE CVE-2021-41195

TensorFlow is an open source platform for machine learning. In affected versions the implementation of tf.math.segment operations results in a CHECK-fail related abort and denial of service if a segment id in segmentids is large. This is similar to CVE-2021-29584 and similar other reported...

SUSE CVE-2021-44879

In gcdatasegment in fs/f2fs/gc.c in the Linux kernel before 5.16.3, special files are not considered, leading to a movedatapage NULL pointer dereference...

SUSE CVE-2022-21333

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...

SUSE CVE-2022-21482

Vulnerability in the MySQL Cluster product of Oracle MySQL component: Cluster: General. Supported versions that are affected are 8.0.28 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where th...

SUSE CVE-2022-29204

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...

PT-2023-35125 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.92 Description: A NULL pointer issue was found in the skb segment list function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

VMware ESXi OpenSLP heap overflow

Added: 02/10/2023 Background VMware ESXi is a bare metal hypervisor. Problem A heap overflow vulnerability in the OpenSLP service could allow an attacker on the same network segment to execute arbitrary commands. Resolution Upgrade to a fixed version referenced in VMSA-2021-0002 or disable the SL...

PT-2023-13260 · Unknown · User Identity Module

Name of the Vulnerable Software and Affected Versions: User Identity Module affected versions not specified Description: The issue is related to memory corruption in the User Identity Module due to an integer overflow that leads to a buffer overflow. This occurs when a segment is received via qmi...

PT-2023-13032 · Cypress · Cypress Bluetooth Mesh Sdk

Name of the Vulnerable Software and Affected Versions: Cypress Bluetooth Mesh SDK version BSA0107 05.01.00-BX8-AMESH-08 Description: The issue is related to a buffer overflow that can allow the execution of arbitrary code remotely. It is caused by an out-of-bound write vulnerability during mesh...