kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

AlmaLinux 8 : virt:rhel (ALSA-2019:3345)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2019:3345 advisory. ntfs-3g: heap-based buffer overflow leads to local root privilege escalation CVE-2019-9755 QEMU: slirp: information leakage in tcpemu due to uninitialized...

Information disclosure

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

CVE-2019-9824

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

CVE-2019-9824

CVE-2019-9824 affects QEMU (slirp: tcp_subr.c) where uninitialized data in snprintf leads to information disclosure. The issue is observed in SLIRP/tcp_emu usage within QEMU 3.0.0. Connected advisories consistently reference QEMU/libslirp components and recommend updating to patched releases; how...

CVE-2019-9824

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

CVE-2019-9824

tcpemu in slirp/tcpsubr.c aka slirp/src/tcpsubr.c in QEMU 3.0.0 uses uninitialized data in an snprintf call, leading to Information disclosure...

shopify-scripts: sprintf gem - format string combined attack

In the sprintf gem, NOT included in mruby-engine, there are severe vulnerabilities, including information leak, and heap buffer overflow. Here are the technical details. Technical Error 1: ============== The CHECKl macro can sometimes receive negative values, that will bypass the size checks, sin...