CVE-2021-47370 mptcp: ensure tx skbs always have the MPTCP ext

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. That results in lack of tx cache...

CVE-2021-47370

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. That results in lack of tx cache...

CVE-2021-47370 mptcp: ensure tx skbs always have the MPTCP ext

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info-sizegoal - skb-len 0 evaluates to true when the size goal is smaller than the skb size. That results in lack of tx cache...

CVE-2021-47370

CVE-2021-47370 affects the Linux kernel and concerns the MPTCP path: a signed/unsigned comparison in the code path that refills the TX cache can misbehave when size_goal is smaller than skb->len, causing the core TCP path to allocate an skb without the MPTCP extension. The fix rewrites the exp...

SUSE CVE-2024-26828

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that "bytesleft" is type ssizet...

CVE-2023-5184 Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver

Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers...

SUSE CVE-2005-4605

The procfs code procmisc.c in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value...

SUSE CVE-2017-9951

The tryreadcommand function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service segmentation fault via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...

Mageia: Security Advisory (MGASA-2020-0112)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : libX11 -- Heap corruption in the X input method client in libX11 (6faa7feb-d3fa-11ea-9aba-0c9d925bbbc0)

The X.org project reports : The X Input Method XIM client implementation in libX11 has some integer overflows and signed/unsigned comparison issues that can lead to heap corruption when handling malformed messages from an input method. C Tenable Network Security, Inc. The descriptive text and...

libX11 -- Heap corruption in the X input method client in libX11

The X.org project reports: The X Input Method XIM client implementation in libX11 has some integer overflows and signed/unsigned comparison issues that can lead to heap corruption when handling malformed messages from an input method...

binutils: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read in gold/fileread.cc and elfcpp/elfcpp_file.h leads to denial of service

GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...

DEBIAN-CVE-2019-14842

Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...

CVE-2019-14842

Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...

Type confusion

Structured reply is a feature of the newstyle NBD protocol allowing the server to send a reply in chunks. A bounds check which was supposed to test for chunk offsets smaller than the beginning of the request did not work because of signed/unsigned confusion. If one of these chunks contains a...

kernel: Buffer overflow in hidp_process_report

A buffer overflow due to a singed-unsigned comparsion was found in hidpprocessreport in the net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service...

CVE-2019-1010204

GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...

Out-of-bounds

GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...

CVE-2019-1010204

GNU binutils gold gold v1.11-v1.16 GNU binutils v2.21-v2.31.1 is affected by: Improper Input Validation, Signed/Unsigned Comparison, Out-of-bounds Read. The impact is: Denial of service. The component is: gold/fileread.cc:497, elfcpp/elfcppfile.h:644. The attack vector is: An ELF file with an...

CVE-2019-1010204

CVE-2019-1010204 affects GNU binutils, specifically the gold linker. The vulnerability arises from a combination of improper input validation , signed/unsigned comparison , and an out-of-bounds read in the code paths for gold/fileread.cc:497 and elfcpp/elfcpp_file.h:644. The documented impact is ...