CVE-2024-39478

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations...

AZL-43264 CVE-2024-39482 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...

UBUNTU-CVE-2024-39482

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...

UBUNTU-CVE-2024-39478

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations...

CVE-2024-39482 bcache: fix variable length array abuse in btree_iter

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...

CVE-2024-39482

CVE-2024-39482 relates to the Linux kernel bug in bcache: it abused a fixed-length array in btree_iter when used with dynamically-sized iterators, triggering UBSAN. The fix introduces a flexible array member in btree_iter and a separate btree_iter_stack that embeds a btree_iter plus a data array,...

CVE-2024-39482 bcache: fix variable length array abuse in btree_iter

In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...

CVE-2024-39478 crypto: starfive - Do not free stack buffer

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Do not free stack buffer RSA text data uses variable length buffer allocated in software stack. Calling kfree on it causes undefined behaviour in subsequent operations...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from allowing the use of variable-length buffers...

CBL Mariner 2.0 Security Update: less (CVE-2024-32487)

The version of less installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32487 advisory. - less through 653 allows OS command execution via a newline character in the name of a file, because quoting is...

CVE-2023-24531

Command go env is documented as outputting a shell script containing the Go environment. However, go env doesn't sanitize values, so executing its output as a shell script can cause various bad bahaviors, including executing arbitrary commands or inserting new environment variables. This issue is...

CVE-2024-0158

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges...

CVE-2024-0158

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges...

CVE-2024-0158

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability to modify a UEFI variable, leading to denial of service and escalation of privileges...

USN-6819-4: Linux kernel (Oracle) vulnerabilities

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference vulnerability. A remote attacker could use this to cause a denial of service system crash. CVE-2023-6356, CVE-2023-6535, CVE-2023-6536 Chenyuan...

Ubuntu 22.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6819-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6819-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer dereference...

CVE-2024-37002

A maliciously crafted MODEL file, when parsed in ASMkern229A.dllthrough Autodesk applications, can be used to uninitialized variables. This vulnerability, along with other vulnerabilities, could lead to code execution in the current process...

Aimeos Security Breach

Aimeos is an open source e-commerce framework for online stores from Aimeos Open Source. A security vulnerability exists in Aimeos ai-client-html, which stems from a debugging message displaying sensitive information from an environment variable in the error log...

SUSE CVE-2024-38623

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use variable length array instead of fixed size Should fix smatch warning: ntfssetlabel error: builtinmemcpy 'uni-name' too small 20 vs 256...

CVE-2024-38624

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow For example, in the expression: vbo = 2 vbo + skip Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...