AZL-69479 CVE-2023-53010 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic: detected buffer overflow in strnlen ... Call...

UBUNTU-CVE-2023-53010

In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic: detected buffer overflow in strnlen ... Call...

CVE-2023-53010

The CVE-2023-53010 vulnerability concerns the bnxt Ethernet driver in the Linux kernel. A buffer overread could occur from reading past the end of test names due to concatenation across an offset beyond the end of the first name, triggering the buffer overflow detection logic. The root cause was ...

CVE-2023-53010 bnxt: Do not read past the end of test names

In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset beyond the end of the first name, which tripped the buffer overflow detection logic: detected buffer overflow in strnlen ... Call...

CLSA-2025-1742466608 libxml2: Fix of 2 CVEs

CVE-2024-56171: fix use-after-free in xmlSchemaIDCFillNodeTables and xmlSchemaBubbleIDCNodeTables in xmlschemas.c - CVE-2025-24928: fix stack-based buffer overflow in xmlSnprintfElements in valid.c...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: bna: Adjust the ‘name’ buffer size of bnatcb and bnaccb structures. To ensure there is enough space to store all possible arguments for sprintf. Currently, the ‘name’ size is 16 characters, but the first '%s' specifier may...

PT-2025-40075

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The i40e driver in the Linux kernel contains a flaw related to debugfs files 'command' and 'netdev ops'. These files expose a debugging interface with questionable logic and potential fo...

kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: dev/parport: The issue of array out-of-bounds access has been fixed. Array out-of-bounds issues caused by sprintf have been addressed by replacing it with snprintf. This ensures safer data copying and prevents the destination...

Bitcoin Core 安全漏洞

Bitcoin Core is a Bitcoin open source client for verifying the validity of blockchain transactions. A security vulnerability exists in versions of Bitcoin Core prior to 0.12 that stems from a lack of checking of snprintf return values, resulting in a buffer overflow and massive data leak...

PT-2024-10566 · Bitcoin · Bitcoin Core

🚨 CVE-2015-20111 miniupnp before 4c90b87, as used in Bitcoin Core before 0.12 and other products, lacks checks for snprintf return values, leading to a buffer overflow and significant data leak, a different vulnerability than CVE-2019-12107. In Bitcoin Core before 0.12, remote code execution was...

kernel: igb: Fix string truncation warnings in igb_set_fw_version

In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igbsetfwversion Commit 1978d3ead82c "intel: fix string truncation warnings" fixes '-Wformat-truncation=' warnings in igbmain.c by using kasprintf...

kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

kernel: of: module: add buffer overflow check in of_modalias()

A buffer overflow flaw was found in ofmodalias in the Linux kernel, occurring after the first snprintf call. This issue could result in loss of availability of the system...

DEBIAN-CVE-2024-50074

In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...

CVE-2024-50074

In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...

CVE-2024-50074

CVE-2024-50074 — Linux kernel parport out-of-bounds fix : The vulnerability concerns array bounds in the parallel port (parport) code. The fix replaces blind snprintf calls with scnprintf to ensure the written length reflects actual output, addressing potential overflows in length calculations. A...

CVE-2024-50074 parport: Proper fix for array out-of-bounds access

In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesses replaced sprintf calls blindly with snprintf. However, since snprintf returns the would-be-printed size, not the actually output...

CVE-2024-42301

In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...

CVE-2024-43839

A vulnerability was found in the Linux kernel involving insufficient buffer size in the bnatcb and bnaccb structures. The buffer, named name, was originally 16 bytes, which was inadequate for all possible sprintf arguments, especially when handling %s and %d specifiers. This limitation could...