552 matches found
CVE-2024-43839
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
CVE-2024-43839 bna: adjust 'name' buf size of bna_tcb and bna_ccb structures
In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all possible sprintf args. Currently 'name' size is 16, but the first '%s' specifier may already need at least 16 characters, since...
CVE-2024-42301
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
CVE-2024-42301
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
CVE-2024-42301
CVE-2024-42301 affects the Linux kernel’s dev/parport component, where an array out-of-bounds risk was introduced. The vulnerability was addressed by replacing unsafe data copying (sprintf) with snprintf to prevent buffer overflow. The initial report includes a kernel stack and Do_Hardware_Base_A...
CVE-2024-42301 dev/parport: fix the array out-of-bounds risk
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
CVE-2024-42301
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
CVE-2024-42301 dev/parport: fix the array out-of-bounds risk
In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds issues caused by sprintf by replacing it with snprintf for safer data copying, ensuring the destination buffer is not overflowed. Below is the stack trace I...
CVE-2024-42987
Tenda FH1206 v02.03.01.35 was discovered to contain a stack-based buffer overflow vulnerability in the fromPptpUserAdd function. The vulnerability can be triggered via the modino, username, newpwd, or pptpdnetseg parameters, all of which are passed via HTTP POST and used in unsafe sprintf calls...
CVE-2024-7715 D-Link DNS-1550-04 photocenter_mgr.cgi sprintf command injection
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240812. It has been...
CVE-2024-40978 scsi: qedi: Fix crash while reading debugfs attribute
In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix crash while reading debugfs attribute The qedidbgdonotrecovercmdread function invokes sprintf directly on a user pointer, which results into the crash. To fix this issue, use a small local stack buffer for sprintf...
CVE-2024-38577
A potential buffer overflow was found in showrcutaskstracegpkthread in the Linux kernel. This issue may lead to a crash...
CVE-2024-38576
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in printcpustallinfo The rcuc-starvation output from printcpustallinfo might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers...
CVE-2023-52868 thermal: core: prevent potential string overflow
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...
CVE-2023-52868 thermal: core: prevent potential string overflow
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...
CVE-2023-52868
In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...
ROS-20240410-15
A vulnerability in the vim text editor is related to the call to sprintf to write to an error buffer, which is passed to the option callback functions. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
DEBIAN-CVE-2023-45927
S-Lang 2.3.2 was discovered to contain an arithmetic exception via the function ttsprintf...