Lucene search
+L

64 matches found

Vulnrichment
Vulnrichment
added 2024/07/05 6:55 a.m.20 views

CVE-2024-39478 crypto: starfive - Do not free stack buffer

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations...

7.1AI score0.00184EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/05 6:55 a.m.46 views

CVE-2024-39478 crypto: starfive - Do not free stack buffer

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations...

0.00184EPSS
Exploits0References2
CVE
CVE
added 2024/07/05 6:55 a.m.98 views

CVE-2024-39478

The CVE-2024-39478 vulnerability affects the Linux kernel crypto: starfive code path, where RSA text data uses a variable-length buffer allocated on the software stack. Calling kfree on that buffer can cause undefined behavior in subsequent operations, due to freeing a stack-allocated buffer. The...

5.5CVSS7.2AI score0.00184EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2024/05/03 4:15 p.m.18 views

CVE-2022-48696

In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...

5.5CVSS6.4AI score0.00194EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2024/05/03 4:15 p.m.22 views

CVE-2022-48696

In the Linux kernel, the following vulnerability has been resolved: regmap: spi: Reserve space for register address/padding Currently the maxrawread and maxrawwrite limits in regmapspi struct do not take into account the additional size of the transmitted register address and padding. This may...

5.5CVSS6.2AI score0.00194EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/04/17 10:17 a.m.20 views

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

6.7AI score0.0024EPSS
Exploits0References8
OSV
OSV
added 2024/04/17 10:17 a.m.7 views

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

5.5CVSS6.1AI score0.0024EPSS
Exploits0References14
BDU FSTEC
BDU FSTEC
added 2024/03/07 12:0 a.m.8 views

The vulnerability of the rtw_get_tx_power_params() function of the UBSAN service (Undefined Behaviour Sanity Checker) in the Linux operating system allows a hacker to disclose protected information.

The vulnerability of the rtwgettxpowerparams function of the UBSAN service Undefined Behaviour Sanity Checker in Linux kernel is related to the occurrence of operations outside the buffer in memory due to inconsistencies in the channel group values. Exploitation of this vulnerability can allow an...

4.4CVSS6.5AI score0.00234EPSS
Exploits0References17Affected Software2
RedhatCVE
RedhatCVE
added 2024/03/01 5:2 a.m.42 views

CVE-2021-47065

In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...

4.4CVSS6.4AI score0.00234EPSS
Exploits0References4
OSV
OSV
added 2024/02/29 11:15 p.m.13 views

DEBIAN-CVE-2021-47065

In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtwgettxpowerparams Using a kernel with the Undefined Behaviour Sanity Checker UBSAN enabled, the following array overrun is logged:...

7.8CVSS5.5AI score0.00234EPSS
Exploits0References1
OSV
OSV
added 2024/02/28 12:0 p.m.56 views

RUSTSEC-2024-0017 Non-idiomatic use of iterators leads to use after free

Code that attempts to use an item e.g., a row returned by an iterator after the iterator has advanced to the next item will be accessing freed memory and experience undefined behaviour. Code that uses the item and then advances the iterator is unaffected. This problem has always existed. This is ...

7.5CVSS7.5AI score0.00817EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.30 views

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2023-2149)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was discovered in ImageMagick's ExportIndexQuantum function in MagickCore/quantum-export.c. Function calls to...

5.5CVSS6.9AI score0.00365EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/05/16 8:56 a.m.2 views

kernel: rtw89: cfo: check mac_id to avoid out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: rtw89: cfo: check macid to avoid out-of-bounds Somehow, hardware reports incorrect macid and pollute memory. Check index before we access the array. UBSAN: array-index-out-of-bounds in rtw89/phy.c:2517:23 index 188 is out of rang...

7.8CVSS6.3AI score0.00258EPSS
Exploits0References5
OSV
OSV
added 2023/04/03 10:53 p.m.8 views

GHSA-2QV5-7MW5-J3CG spin-rs initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/04/03 10:53 p.m.12 views

spin-rs initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

6.7AI score
Exploits0References3Affected Software1
RustSec
RustSec
added 2023/03/31 12:0 p.m.16 views

Initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers

Once::trycallonce is unsound if invoked more than once concurrently and any call fails to initialise successfully...

6.7AI score
Exploits0Affected Software1
Veracode
Veracode
added 2023/02/25 8:49 p.m.21 views

Invalid Downcast

firefox is vulnerable to Invalid Downcast. The vulnerability exists because the invalid downcast from nsTextNode to SVGElement leads to undefined behaviour...

8.8CVSS2.7AI score0.00702EPSS
Exploits0References5Affected Software5
Veracode
Veracode
added 2023/02/25 8:49 p.m.24 views

Invalid Downcast

firefox is vulnerable to Invalid Downcast. The vulnerability exists because the invalid downcast from nsTextNode to nsIContent leads to undefined behaviour...

9.8CVSS2.5AI score0.00685EPSS
Exploits0References3Affected Software3
FreeBSD
FreeBSD
added 2022/12/24 12:0 a.m.32 views

freerdp -- multiple vulnerabilities

FreeRDP reports: GHSA-5w4j-mrrh-jjrm: Out of bound read in zgfx decoder. GHSA-99cm-4gw7-c8jh: Undefined behaviour in zgfx decoder. GHSA-387j-8j96-7q35: Division by zero in urbdrc channel. GHSA-mvxm-wfj2-5fvh: Missing length validation in urbdrc channel. GHSA-qfq2-82qr-7f4j: Heap buffer overflow i...

5.7CVSS6.2AI score0.00967EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/09/09 12:0 a.m.36 views

SUSE SLED12: ImageMagick / ImageMagick-config-6-SUSE / etc (SUSE-SU-2022:3138-1)

The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3138-1 advisory. - CVE-2021-20224: Fixed an integer overflow that could be triggered via a crafted file bsc1202800. Tenable has extracte...

5.5CVSS6.9AI score0.00365EPSS
Exploits0References4
Rows per page
Query Builder