158 matches found
Oracle Linux 8 : pcp (ELSA-2024-6837)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-6837 advisory. 5.3.7-22.0.1 - pcp-zoneinfo fix to replay ol7 archives Orabug: 35903733 - Backporting of python tool pcp-meminfo Orabug: 35759707 - Backporting of pyth...
pcp security update
6.2.0-5.0.1 - Fixed libpcp derived metric issue for ol9 Orabug: 36538820 6.2.0-5 - Fix buffer sizing checks in pmstore PDU handling RHEL-57805 - Guard against symlink attacks in pmpost program RHEL-57810 - Fix libpcpweb webgroup slow request refcounting RHEL-58306 - Updated pmdahacluster for newe...
pcp security update
5.3.7-22.0.1 - pcp-zoneinfo fix to replay ol7 archives Orabug: 35903733 - Backporting of python tool pcp-meminfo Orabug: 35759707 - Backporting of python tool pcp-slabinfo Orabug: 35560940 - Backporting of python tool pcp-buddyinfo Orabug: 35660932 - Backporting of python tool pcp-netstat Orabug:...
LimeSurvey 安全漏洞
LimeSurvey PHPSurveyor is an open source online questionnaire program from the LimeSurvey team, which supports survey program development, questionnaire publishing, and data collection. A security vulnerability exists in LimeSurvey version 6.3.0-231016, which stems from a denial of service due to...
SUSE CVE-2021-47562
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...
CVE-2021-47562
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...
CVE-2021-47562
Summary (CVE-2021-47562) : In Linux kernel ice driver, a mismatch in XDP/Rx/Tx queue sizing caused by vsi->txq_map being sized to the doubled vsi->alloc_txq could trigger a kernel NULL pointer dereference when ethtool -L configures XDP rings and Rx/Tx counts differ. The root cause is the tx...
CVE-2021-47562 ice: fix vsi->txq_map sizing
In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi-txqmap sizing The approach of having XDP queue per CPU regardless of user's setting exposed a hidden bug that could occur in case when Rx queue count differ from Tx queue count. Currently vsi-txqmap's size is equal t...
Arbitrary Code Execution
Mercurial is vulnerable to a Arbitrary Code Execution. The vulnerability is due to incorrect bound checks in the binary delta decoder which allows an attacker to execute arbitrary code via a clone, push, or pull command, related to either list sizing rounding error or short records...
USN-6680-1 linux, linux-gcp, linux-gcp-6.5, linux-laptop, linux-lowlatency, linux-lowlatency-hwe-6.5, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive, linux-starfive-6.5 vulnerabilities
黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...
BIT-RUBY-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...
kernel: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds
A slab-out-of-bounds read vulnerability was found in the Linux kernel's ASoC tx-macro codec driver. The decimator variable was incorrectly sized at 32 bits, causing regcacheflatread to access memory beyond the allocated slab when reading register cache values during the txmacrodigitalmute...
Malicious code in cloud-functions-apply-gce-sizing-recommendations (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dff71f573ab0c75770c1eb1201e5e39139353eacb5afd6db5270d684e0bee416 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-185 Malicious code in cloud-functions-apply-gce-sizing-recommendations (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware dff71f573ab0c75770c1eb1201e5e39139353eacb5afd6db5270d684e0bee416 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2022-33752 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.63 Description: The issue is related to preventing underflow when computing packet sizes in the drm/sun4i dsi component. The actual impact and attack plausibility have not yet been proven. Recommendations:...
GSD-2022-1003511 nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
nfc: st21nfca: fix incorrect sizing calculations in EVTTRANSACTION This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.122 by commit...
GSD-2022-1002927 nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
nfc: st21nfca: fix incorrect sizing calculations in EVTTRANSACTION This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.17.15 by commit...
GSD-2022-1002582 nfc: st21nfca: fix incorrect sizing calculations in EVT_TRANSACTION
nfc: st21nfca: fix incorrect sizing calculations in EVTTRANSACTION This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.4 by commit...
Mercurial arbitrary code execution vulnerability
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...
YottaDB 安全漏洞
YottaDB is a real-time database from YottaDB, Inc. A security vulnerability exists in YottaDB versions prior to r1.32 and V7.0-000, which could be exploited by an attacker to calculate the size of a call to memset in opfnj3 in srport/opfnj3.c, resulting in a very large value that could cause a...