CVE-2023-52920

The CVE-2023-52920 entry concerns the Linux kernel BPF precision-tracking update. Affected component: BPF verifier’s precision/backtracking path, specifically handling spill/fill of registers to the stack (notably non-r10 registers after copying r10). Root cause/impact: per-instruction history fl...

SUSE-SU-2024:3860-1 Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005562 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potential...

SUSE-SU-2024:3859-1 Security update for the Linux Kernel (Live Patch 7 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005536 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potential...

SUSE-SU-2024:3842-1 Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005552 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potential...

SUSE SLES15 Security Update : kernel RT (Live Patch 14 for SLE 15 SP5) (SUSE-SU-2024:3831-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3831-1 advisory. This update for the Linux Kernel 5.14.21-1505001352 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int...

SUSE-SU-2024:3834-1 Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506008 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG bsc1231419 - CVE-2024-35863: Fixed potential UAF...

SUSE-SU-2024:3831-1 Security update for the Linux Kernel RT (Live Patch 14 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001352 fixes several issues. The following security issues were fixed: - CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. - CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. - CVE-2024-35863: Fixed potential...

CVE-2022-48998 powerpc/bpf/32: Fix Oops on tail call tests

In the Linux kernel, the following vulnerability has been resolved: powerpc/bpf/32: Fix Oops on tail call tests testbpf tail call tests end up as: testbpf: 0 Tail call leaf jited:1 85 PASS testbpf: 1 Tail call 2 jited:1 111 PASS testbpf: 2 Tail call 3 jited:1 145 PASS testbpf: 3 Tail call 4 jited...

CVE-2024-38533

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0...

CVE-2024-38533

The CVE-2024-38533 entry concerns ZKsync Era, a Layer 2 rollup for Ethereum. The issue is an invalid stack access caused by addresses used to access the stack not being properly converted to cells. Affected versions are prior to 1.5.0; the vulnerability is mitigated by upgrading to version 1.5.0....

CVE-2024-38533 ZKsync Era invalid stack addressing conversion

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. There is possible invalid stack access due to the addresses used to access the stack not properly being converted to cells. This issue has been patched in version 1.5.0...

PT-2024-28059 · Unknown · Zksync Era

Name of the Vulnerable Software and Affected Versions: ZKsync Era versions prior to 1.5.0 Description: ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. The issue arises from possible invalid stack access due to the addresses used to access the stack not properly...

ZKsync Era Security Vulnerability

ZKsync Era is an open source compiler from Matter Labs. A security vulnerability exists in ZKsync Era versions prior to 1.5.0, which stems from the address used to access the stack not being properly converted to a unit, and therefore invalid stack access may exist...

RHEL 5 : byacc (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - byacc: Potential out of bounds of allocated stack access CVE-2008-3196 Note that Nessus has not tested for this iss...

SUSE CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

CVE-2024-35905

A flaw was found in the Linux kernel. An integer overflow vulnerability exists in the access size of a stack, such that the size of the access stack can appear negative as a result of overflowing its signed int representation. This issue can result in denial of service...

DEBIAN-CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

UBUNTU-CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...