1833 matches found
GSD-2022-1007799 capabilities: fix undefined behavior in bit shift for CAP_TO_MASK
capabilities: fix undefined behavior in bit shift for CAPTOMASK This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.9 by commit...
PT-2022-36127 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.80 Description: A potential security issue exists in the gfs2 component of the Linux Kernel. The issue involves checking sb bsize shift after reading the superblock. The actual impact and attack plausibili...
PT-2022-36095 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.8 Description: The issue concerns undefined behavior in bit shift for mdiobus register in the Linux Kernel's MDIO module. The actual impact and attack plausibility have not yet been proven. Recommendations:...
PT-2022-36357 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.154 Description: The issue concerns undefined behavior in bit shift for mdiobus register in the Linux Kernel's net: mdio module. The actual impact and attack plausibility have not yet been proven...
PT-2022-36336 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 2.6.25 through 5.10.154 Description: The issue concerns undefined behavior in bit shift for CAP TO MASK. It was introduced in version v2.6.25 and fixed in version v5.10.155. The actual impact and attack plausibility have...
PT-2022-36562 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.300 Description: The issue concerns undefined behavior in bit shift for CAP TO MASK. It was introduced in version v2.6.25 and fixed in version v4.14.300. The actual impact and attack plausibility have not...
PT-2022-36568 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.299 Description: The issue concerns undefined behavior in bit shift for mdiobus register in the Linux Kernel's MDIO module. The actual impact and attack plausibility have not yet been proven...
PT-2022-36440 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.4.224 Description: The issue concerns undefined behavior in bit shift for mdiobus register in the Linux Kernel's MDIO module. The actual impact and attack plausibility have not yet been proven. Recommendation...
The vulnerability of the video driver of microprogramming software in Qualcomm’s embedded chips allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of video drivers in microprogramming software for embedded chips from Qualcomm relates to the pointer shifting beyond the allocated memory space. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...
GSD-2022-1007581 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.296 by commit...
GSD-2022-1007504 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.262 by commit...
GSD-2022-1007394 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.220 by commit...
GSD-2022-1007250 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.150 by commit...
GSD-2022-1006778 powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue
powercap: intelrapl: fix UBSAN shift-out-of-bounds issue This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.3 by commit...
PT-2022-35033 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.3 Description: The issue is related to a shift-out-of-bounds problem in the intel rapl component of the powercap module. The actual impact and potential for attack have not been confirmed. Recommendations:...
The vulnerability of the asn1_encode_simple_der() function in the Libtasn1 library, which allows a hacker to disclose protected information or cause a service failure.
The vulnerability of the asn1encodesimpleder function in the Libtasn1 library is related to a single-shift error. Exploiting this vulnerability could allow an attacker to disclose sensitive information or cause service failures by sending specially crafted data to the application...
GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...
ALPINE-CVE-2022-3598
LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b...
JVN#74592196: bingo!CMS vulnerable to authentication bypass
bingo!CMS provided by Shift Tech Inc. contains an authentication bypass vulnerability CWE-288 in some of the management functions. Shift Tech Inc. states that attacks exploiting this vulnerability have been observed. Impact Accessing a specific URL directly may allow a remote unauthenticated...
The Internet Architecture Board Takes on Sustainability
Join Akamai and the Internet Architecture Board to make shift happen. Let's work together to make life better for billions of people, billions of times a day. GreenWithAkamai...