32 matches found

RedHat Linux
added 2024/08/08 4:53 a.m., 5 views

kernel: crash due to a missing check for leb_size

A flaw was found in the Linux kernel. The create_empty_lvol function in the drivers/mtd/ubi/vtbl.c file can attempt to allocate zero bytes of memory when the LEB size is smaller than a single volume table record. This issue can result in a denial of service...

5.5 CVSS, 7.2 AI score, 0.00248 EPSS
Exploits 0, References 4
OSV
added 2024/05/10 11:7 a.m., 7 views

OESA-2024-1536 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size. CVE-2024-25739 In the Linux kernel, the following vulnerability...

7.8 CVSS, 6.7 AI score, 0.00301 EPSS
Exploits 0, References 19
Microsoft CVE
added 2024/02/27 8:0 a.m., 3 views

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes and crash because of a missing check for ubi->leb_size.

...

5.5 CVSS, 7.2 AI score, 0.00248 EPSS
Exploits 0
OSV
added 2024/02/12 3:15 a.m., 3 views

DEBIAN-CVE-2024-25739

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size...

5.5 CVSS, 6.4 AI score, 0.00248 EPSS
Exploits 0, References 1
OSV
added 2024/02/12 3:15 a.m., 14 views

AZL-34887 CVE-2024-25739 affecting package kernel for versions less than 6.6.35.1-4

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size...

5.5 CVSS, 6.8 AI score, 0.00248 EPSS
Exploits 0, References 1
OSV
added 2024/02/12 3:15 a.m., 8 views

CVE-2024-25739

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size...

5.5 CVSS, 6.9 AI score
Exploits 0, References 6
CNNVD
added 2024/02/12 12:0 a.m., 4 views

Linux kernel security vulnerabilities

The Linux kernel is the kernel used by the Linux Foundation's open source operating system Linux. A security vulnerability exists in the Linux kernel that stems from a lack of checking for ubi->leb_size, where create_empty_lvol in drivers/mtd/ubi/vtbl.c may attempt to allocate zero bytes and crash...

5.5 CVSS, 8.6 AI score, 0.00248 EPSS
Exploits 0, References 4
Cent OS
added 2019/08/30 3:29 a.m., 254 views

libssh2 security update

CentOS Errata and Security Advisory CESA-2019:2136. An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity...

9.1 CVSS, 7 AI score, 0.06448 EPSS
Exploits 0, References 7
RedHat Linux
added 2019/08/06 12:33 p.m., 5 views

libssh2: Zero-byte allocation with a specially crafted SFTP packet leading to an out-of-bounds read

An out-of-bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises an SSH server may be able to cause a denial of service or read data in the client memory...

9.1 CVSS, 7.3 AI score, 0.06448 EPSS
Exploits 0, References 5
Tenable Nessus
added 2019/05/02 12:0 a.m., 241 views

Fedora 30 : libssh2 (2019-70a9d4f970)

This update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update...

9.3 CVSS, 7.4 AI score, 0.09219 EPSS
Exploits 0, References 10
Veracode
added 2019/03/19 3:7 a.m., 30 views

Denial Of Service (DoS)

libssh2.so is vulnerable to denial of service. A malicious server is able to crash the process by sending a malicious SFTP packet with zero value for the payload length, causing zero-byte allocation that results in an out-of-bounds read...

9.1 CVSS, 8.7 AI score, 0.06448 EPSS
Exploits 0, References 18, Affected Software 2
NVD
added 2017/07/31 2:29 p.m., 19 views

CVE-2017-11757

Heap-based buffer overflow in Actian Pervasive PSQL v12.10 and Zen v13 allows remote attackers to execute arbitrary code via crafted traffic to TCP port 1583. The overflow occurs after Server-Client encryption-key exchange. The issue results from an integer underflow that leads to a zero-byte...

9.8 CVSS, 9.8 AI score, 0.02494 EPSS
Exploits 1, References 3