23 matches found
Ubuntu 22.04 LTS / 24.04 LTS : U-Boot vulnerabilities (USN-8056-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8056-1 advisory. Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this iss...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986578)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986578 advisory. In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a KMSAN: uninit-value in pick_link bug...
EUVD-2025-4767
Malicious code in bioql PyPI...
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem.
...
CVE-2024-57254
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem...
DEBIAN-CVE-2024-57254
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem...
UBUNTU-CVE-2024-57254
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem...
SUSE CVE-2024-57254
An integer overflow in sqfs_inode_size in Das U-Boot before 2025.01-rc1 occurs in the symlink size calculation via a crafted squashfs filesystem...
CVE-2024-57254
CVE-2024-57254 describes an integer overflow in the sqfs_inode_size calculation within Das U-Boot up to the 2025.01-rc1 release, triggered by a crafted squashfs filesystem affecting the symlink size calculation. Products affected: Das U-Boot (DENX Software Engineering) prior to 2025.01-rc1. Impac...
CLSA-2024-1729869774 kernel: Fix of 12 CVEs
ftrace: Fix possible use-after-free issue in ftrace_location CVE-2024-38588 - ftrace: Fix possible warning on checking all pages used in ftrace_process_locs CVE-2024-38588 - ftrace: Store the order of pages allocated in ftrace_page CVE-2024-38588 - ftrace: Check if pages were allocated before calling...
CLSA-2024-1728935304 kernel: Fix of 12 CVEs
xfs: don't walk off the end of a directory data block CVE-2024-41013 - net/sched: cls_u32: fix netns refcount changes in u32_change CVE-2022-29581 - net/packet: fix slab-out-of-bounds access in packet_recvmsg CVE-2022-20368 - openvswitch: fix OOB access in reserve_sfa_size CVE-2022-2639 - net: sched:...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: perf/aux: Fix AUX buffer serialization CVE-2024-46713 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd CVE-2024-46734 In the...
SUSE CVE-2024-46744
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason...
CVE-2024-46744
The CVE-2024-46744 issue in the Linux kernel affects Squashfs by failing to sanity-check the symbolic link size read from disk. This causes the size (i_size) to be corrupted, which is later used to derive a length value that overflows a signed int in squashfs_symlink_read_folio(), leading to a po...
CVE-2024-46744 Squashfs: sanity check symbolic link size
In the Linux kernel, the following vulnerability has been resolved: Squashfs: sanity check symbolic link size Syzkiller reports a "KMSAN: uninit-value in pick_link" bug. This is caused by an uninitialised page, which is ultimately caused by a corrupted symbolic link size read from disk. The reason...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1485)
The remote host is missing an update for the Huawei EulerOS...