1874 matches found
CVE-2024-42281 bpf: Fix a segment issue when downgrading gso_size
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size. Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2]...
CLSA-2024-1723806933 Fix of 55 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-39467 - f2fs: fix to do sanity check on i_xattr_nid in sanity_check_inode() CVE-url: https://ubuntu.com/security/CVE-2024-36940 - pinctrl: core: delete incorrect free in pinctrl_enable() CVE-url: https://ubuntu.com/security/CVE-2024-38659 - enic: Validate leng...
PT-2024-40884 · Fastjson2 · Fastjson2
Name of the Vulnerable Software and Affected Versions: fastjson2 affected versions not specified Description: The issue is related to a security exception in the fastjson2 library. A crash occurs due to a cycle in the JSONPathSegment, specifically in the CycleNameSegment$MapLoop.accept method. Th...
CVE-2024-42242
A flaw was found in the mmc: sdhci driver in the Linux kernel, caused by setting the maximum segment size below the required page size (PAGE_SIZE). This discrepancy leads to validation errors and potential issues in handling I/O operations. The fix involved updating the sdhci driver to ensure that t...
ipv6: sr: fix memleak in seg6_hmac_init_algo
...
kernel: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment().
In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment(). syzbot triggered various splats (see [0] and links) by a crafted GSO packet of VIRTIO_NET_HDR_GSO_UDP layering the following protocols: ETH_P_8021AD + ETH_P_NSH +...
SUSE CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
DEBIAN-CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
UBUNTU-CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
CVE-2024-42242 mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
CVE-2024-42242 mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
CVE-2024-42242
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
CVE-2024-42242 mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE
In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE. blk_queue_max_segment_size() ensured: if max_size max_segment_size PAGE_SIZE return -EINVAL; The change from one to the other, exposed sdhci which was setting maximum segment size too low in so...
libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the mmc:sdhci module setting the maximum segment size too low under certain circumstances and needs to be...
ALSA-2024:5079 Moderate: libtiff security update
The libtiff packages contain a library of functions for manipulating Tagged Image File Format (TIFF) files. Security Fixes: libtiff: Heap-based buffer overflow in ChopUpSingleUncompressedStrip in tif_dirread.c (CVE-2018-15209) libtiff: Buffer Overflow via /libtiff/tools/tiffcrop.c (CVE-2023-25433)...
DEBIAN-CVE-2024-40957
In the Linux kernel, the following vulnerability has been resolved: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors. input_action_end_dx4() and input_action_end_dx6() are called NF_HOOK() for PREROUTING hook, in PREROUTING hook, we should pass a valid indev, and a NULL outde...
CVE-2024-40944
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking. The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE is now 0 but call depth...
CVE-2024-40944
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix bug with call depth tracking. The call to cc_platform_has() triggers a fault and system crash if call depth tracking is active because the GS segment has been reset by load_segments() and GS_BASE is now 0 but call depth...