SUSE-SU-2023:4925-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2023-6377: Fixed out-of-bounds memory write in XKB button actions bsc1217765...

CVE-2023-40091

In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

SUSE-SU-2023:3592-1 Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122136 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c bsc1213244. - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nftbyteorder that could allow ...

SUSE-SU-2023:3582-1 Security update for the Linux Kernel (Live Patch 40 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122150 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c bsc1213244. - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nftbyteorder that could allow ...

SUSE-SU-2023:3576-1 Security update for the Linux Kernel (Live Patch 34 for SLE 12 SP5)

This update for the Linux Kernel 4.12.14-122130 fixes several issues. The following security issues were fixed: - CVE-2023-3567: Fixed a use-after-free in vcsread in drivers/tty/vt/vcscreen.c bsc1213244. - CVE-2023-35001: Fixed an out-of-bounds memory access flaw in nftbyteorder that could allow ...

PT-2023-22839 · Rild · Rild

Name of the Vulnerable Software and Affected Versions: RILD versions prior to SMR Jul-2023 Release 1 Description: A heap out of bounds write issue in the IpcRxIncomingCBMsg of RILD allows attackers to execute arbitrary code. Recommendations: For versions prior to SMR Jul-2023 Release 1, update to...

PT-2023-17584 · Isp · Isp

Name of the Vulnerable Software and Affected Versions: isp affected versions not specified Description: The issue is related to a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interacti...

SUSE CVE-2021-3750

A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. EHCI does not verify if the Buffer Pointer overlaps with its MMIO region when it transfers the USB packets. Crafted content may be written to the controller's registers and trigger undesirable actions such as reset whi...

SUSE CVE-2022-32792

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 15.6 and iPadOS 15.6, watchOS 8.7, tvOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing maliciously crafted web content may lead to arbitrary code execution...

PT-2023-13677 · Siretta · Siretta Quartz-Gold

Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: A file write issue exists in the httpd upload.cgi functionality. This can be triggered by a specially-crafted HTTP request, leading to arbitrary file upload. An attacker can...

SUSE: Security Advisory (SUSE-SU-2023:0117-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0101-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2022-35941 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.10 Description: The issue is related to the 9p/trans fd functionality, where it does not always use O NONBLOCK for read/write operations. The actual impact and potential for attack have not been proven yet...

PT-2022-21389 · Accusoft · Accusoft Imagegear

Name of the Vulnerable Software and Affected Versions: Accusoft ImageGear version 20.0 Description: An out-of-bounds write issue exists in the PICT parsing pctwread 14841 functionality. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to...

DEBIAN-CVE-2022-32888

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution...

CVE-2022-42827

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...

CVE-2022-32925

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system termination or write kernel memory...

CVE-2022-32893

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have...

CVE-2022-32893

CVE-2022-32893 is an out-of-bounds write vulnerability in WebKit/WebKitGTK that could allow arbitrary code execution when processing malicious web content. The CVE is fixed in Apple products by updates: iOS 15.6.1 / iPadOS 15.6.1, macOS Monterey 12.5.1, and Safari 15.6.1. Connected advisories not...

PT-2025-25935

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.19.0-rc6-next-20220715 Description A null pointer dereference issue was found in the f2fs get dnode of data function. This issue occurs when testing f2fs atomic write, resulting in errors such as "Can't find...