422 matches found
PT-2025-40075
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The i40e driver in the Linux kernel contains a flaw related to debugfs files 'command' and 'netdev ops'. These files expose a debugging interface with questionable logic and potential fo...
kernel: of: module: add buffer overflow check in of_modalias()
A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...
PT-2024-10566 · Bitcoin · Bitcoin Core
🚨 CVE-2015-20111 miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was...
Bitcoin Core 安全漏洞
Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in versions of Bitcoin Core prior to 0.12 that stems from a lack of checking of snprintf return values, resulting in a buffer overflow and massive data leak...
kernel: igb: Fix string truncation warnings in igb_set_fw_version
In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igbsetfwversion Commit 1978d3ead82c "intel: fix string truncation warnings" fixes '-Wformat-truncation=' warnings in igbmain.c by using kasprintf...
kernel: of: module: add buffer overflow check in of_modalias()
A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...
kernel: of: module: add buffer overflow check in of_modalias()
A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...
DEBIAN-CVE-2024-50074
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...
CVE-2024-50074 parport: Proper fix for array out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...
CVE-2024-50074
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...
CVE-2024-50074
CVE-2024-50074 — Linux kernel parport out-of-bounds fix : The vulnerability concerns array bounds in the parallel port (parport) code. The fix replaces blind snprintf calls with scnprintf to ensure the written length reflects actual output, addressing potential overflows in length calculations. A...
CVE-2024-42301
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
CVE-2024-43839
A vulnerability was found in the Linux kernel involving insufficient buffer size in the bnatcb and bnaccb structures. The buffer, named name, was originally 16 bytes, which was inadequate for all possible sprintf arguments, especially when handling %s and %d specifiers. This limitation could...
SUSE CVE-2024-42301
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
SUSE CVE-2024-43839
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
CVE-2024-43839
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
DEBIAN-CVE-2024-43839
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
AZL-51983 CVE-2024-43839 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
CVE-2024-43839
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
UBUNTU-CVE-2024-43839
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...