1534 matches found
CVE-2024-39504
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference is possible from...
UBUNTU-CVE-2024-39504
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference is possible from...
Ubuntu: Security Advisory (USN-6867-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
kernel: octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
kernel: octeontx2-af: avoid off-by-one read from userspace
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-38549
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtkdrmgemobj Add a check to mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to...
CVE-2022-48747
In the Linux kernel, the following vulnerability has been resolved: block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of page. So it can return the uninitialized data. This happened when both o...
CVE-2024-38549
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtkdrmgemobj Add a check to mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to...
CVE-2024-38549 drm/mediatek: Add 0 size check to mtk_drm_gem_obj
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtkdrmgemobj Add a check to mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to...
CVE-2024-38549 drm/mediatek: Add 0 size check to mtk_drm_gem_obj
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add 0 size check to mtkdrmgemobj Add a check to mtkdrmgeminit if we attempt to allocate a GEM object of 0 bytes. Currently, no such check exists and the kernel will panic if a userspace application attempts to...
CVE-2024-36974
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...
CVE-2024-36974
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...
CVE-2024-36974
The CVE-2024-36974 issue affects the Linux kernel net/sched taprio: if a TCA_TAPRIO_ATTR_PRIOMAP attribute is provided, taprio_parse_mqprio_opt() must validate it; otherwise, a second taprio_change() with crafted mqprio attributes can cause kernel problems after a first, valid call sets dev->n...
CVE-2024-36974 net/sched: taprio: always validate TCA_TAPRIO_ATTR_PRIOMAP
In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...
USN-6831-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp vulnerabilities
It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. CVE-2024-0841 Several security issues were discovered in the Linux kernel. An attacker...
CVE-2024-27374
CVE-2024-27374 concerns Samsung Mobile Processor Exynos models 980, 850, 1280, 1380, and 1330. The vulnerability is in the function slsi_nan_publish_get_nl_params() where there is no input validation for hal_req->service_specific_info_len sourced from userspace, allowing a potential heap overw...
SUSE SLED15: glibc / glibc-32bit / glibc-devel / glibc-devel-32bit / etc (SUSE-SU-2024:1895-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1895-1 advisory. - CVE-2024-33599: Fixed a stack-based buffer overflow in netgroup cache in nscd bsc1223423 -...
SUSE CVE-2024-36957
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
DEBIAN-CVE-2024-36957
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdupuserbuffer, count + 1. However, the userspace only provides buffer of count bytes and only these count bytes are verifie...
CVE-2024-36931
In the Linux kernel, the following vulnerability has been resolved: s390/cio: Ensure the copied buf is NUL terminated Currently, we allocate a lbuf-sized kernel buffer and copy lbuf from userspace to that buffer. Later, we use scanf on this buffer but we don't ensure that the string is terminated...