82 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stmmac has a left shift overflow when the number of queues is greater than four...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a bit shift overflow in the hidreportrawevent function in the HID kernel subsystem...
kernel: media: gspca: cpia1: shift-out-of-bounds in set_flicker
In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in setflicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in drivers/media/usb/gspca/cpia1.c:1031:27 shift exponent 245 is too large for 32-bit type 'int' When the...
SUSE CVE-2021-47044
In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...
PT-2024-21527
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue is related to a shift problem in the ufshcd clear cmd function. When task tag is greater than or equal to 32 in MCQ mode and the size of an unsigned integer is 4, the expressio...
AZL-32011 CVE-2023-48237 affecting package vim for versions less than 9.0.2112-1
Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This...
OESA-2023-1465 firefox security update
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security Fixes: In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating too few...
kernel: net: stmmac: fix dma queue left shift overflow issue
In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix dma queue left shift overflow issue When queue number is 4, left shift overflows due to 32 bits integer variable. Mask calculation is wrong for MTLRXQDMAMAP1. If CONFIGUBSAN is enabled, kernel dumps below warning...
SUSE CVE-2017-9188
libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63...
SUSE CVE-2021-3474
There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability...
SUSE CVE-2021-3476
A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...
Debian dla-3236 : libopenexr-dev - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3236 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3236-1 [email protected]...
GSD-2022-1006398 swiotlb: avoid potential left shift overflow
swiotlb: avoid potential left shift overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.143 by commit...
GSD-2022-1006368 swiotlb: avoid potential left shift overflow
swiotlb: avoid potential left shift overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.68 by commit...
GSD-2022-1006331 swiotlb: avoid potential left shift overflow
swiotlb: avoid potential left shift overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.19.9 by commit...
PT-2022-34588 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.19.9 Description: The issue is related to a potential left shift overflow in swiotlb. The actual impact and attack plausibility have not yet been proven. It was introduced in version v5.12 and fixed in Linux...
PT-2022-34625 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.68 Description: The issue is related to a potential left shift overflow in swiotlb. The actual impact and attack plausibility have not yet been proven. It was introduced in version v5.12 and fixed in Linux...
PT-2022-34655 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.143 Description: The issue is related to a potential left shift overflow in swiotlb. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
openSUSE 15 Security Update : openexr (openSUSE-SU-2021:1198-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1198-1 advisory. - A flaw found in function dataWindowForTile of IlmImf/ImfTiledMisc.cpp. An attacker who is able to submit a crafted file to be processed b...
Debian DLA-2701-1 : openexr - LTS security update
The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2701 advisory. - A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can...