19 matches found
Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAYSIZE bug The "buf" pointer is an array of u16 values. This code should be using ARRAYSIZE which is 256 instead of sizeof which is 512, otherwise it can the still got out of bounds...
CVE-2023-54238 mlx5: fix skb leak while fifo resync and push
In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...
CVE-2024-40916
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRM core adds an artificial 1024x786 mode to the connector. Unfortunately some variant...
SUSE CVE-2024-38587
In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAYSIZE bug The "buf" pointer is an array of u16 values. This code should be using ARRAYSIZE which is 256 instead of sizeof which is 512, otherwise it can the still got out of bounds...
UBUNTU-CVE-2024-38587
In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAYSIZE bug The "buf" pointer is an array of u16 values. This code should be using ARRAYSIZE which is 256 instead of sizeof which is 512, otherwise it can the still got out of bounds...
CVE-2021-47065
In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...
GSD-2023-1001342 qed (gcc13): use u16 for fid to be big enough
qed gcc13: use u16 for fid to be big enough This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.163 by commit...
GSD-2023-1001017 qed (gcc13): use u16 for fid to be big enough
qed gcc13: use u16 for fid to be big enough This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
Arbitrary return types in xcb
The function xcb::xproto::GetPropertyReply::value returns a slice of type T where T is an unconstrained type parameter. The raw bytes received from the X11 server are interpreted as the requested type. The users of the xcb crate are advised to only call this function with the intended types. Thes...
GSD-2021-1000482 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.269 by commit...
UVI-2021-1000454 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.191 by commit...
GSD-2021-1000364 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...
UVI-2021-1000258 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.12.4 by commit...
UVI-2021-1000426 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...
GSD-2021-1000426 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.119 by commit...
UVI-2021-1000470 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.233 by commit...
UVI-2021-1000482 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.269 by commit...
GSD-2021-1000470 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.233 by commit...
UVI-2021-1000364 liquidio: Fix unintented sign extension of a left shift of a u16
liquidio: Fix unintented sign extension of a left shift of a u16 This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.37 by commit...