21767 matches found
bnxt_en: Fix out-of-bound memcpy() during ethtool -w
...
wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release
...
drm/amd/display: Fix slab-use-after-free in hdcp
...
irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs
...
redis-check-aof may lead to stack overflow and potential RCE
...
wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation
...
memblock: Accept allocated memory before use in memblock_double_array()
...
arm64: bpf: Only mitigate cBPF programs loaded by unprivileged users
...
ALSA: ump: Fix buffer overflow at UMP SysEx message conversion
...
media: venus: hfi: add a check to handle OOB in sfr region
...
USB: wdm: close race between wdm_open and wdm_wwan_port_stop
...
ipvs: fix uninit-value for saddr in do_output_route4
...
QUIC certificate check skip with wolfSSL
...
containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods.
...
undici Denial of Service attack via bad certificate data
...
Bypassing extraction filter to create symlinks to arbitrary targets outside extraction directory
...
Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL
...
CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
...
Unbounded recursion in Python Protobuf
...
When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration.
...
In Node.js, the `ReadFileUtf8` internal binding leaks memory due to a corrupted pointer in `uv_fs_s.file`: a UTF-16 path buffer is allocated but subsequently overwritten when the file descriptor is set. This results in an unrecoverable memory leak on every call. Repeated use can cause unbounded memory growth, leading to a denial of service. Impact: * This vulnerability affects APIs relying on `ReadFileUtf8` on Node.js release lines: v20 and v22.
...
The C++ method SignTraits::DeriveBits() may incorrectly call ThrowException() based on user-supplied inputs when executing in a background thread, crashing the Node.js process. Such cryptographic operations are commonly applied to untrusted inputs. Thus, this mechanism potentially allows an adversary to remotely crash a Node.js runtime.
...
drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1
...
drm/i915/huc: Fix fence not released on early probe errors
...
net: ppp: Add bound checking for skb data on ppp_sync_txmung
...
jfs: Fix uninit-value access of imap allocated in the diMount() function
...
f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
...
ext4: ignore xattrs past end
...
media: venus: hfi: add check to handle incorrect queue size
...
sctp: detect and prevent references to a freed transport in sendmsg
...
media: venus: hfi_parser: add check to avoid out of bound access
...
soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()
...
i3c: Add NULL pointer check in i3c_master_queue_ibi()
...
mfd: ene-kb3930: Fix a potential NULL pointer dereference
...
KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses
...
bpf: consider that tail calls invalidate packet pointers
...
misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error
...
bpf: check changes_pkt_data property for extension programs
...
bpf: track changes_pkt_data property for global functions
...
net-tools Stack-based Buffer Overflow vulnerability
...
Erlang/OTP SSH Has Strict KEX Violations
...
PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation
...
DNS message with invalid TSIG causes an assertion failure
...
netfilter: ipset: fix region locking in hash types
...
net_sched: Flush gso_skb list too during ->change()
...
ksmbd: prevent rename with empty string
...
smb: client: Avoid race in open_cached_dir with lease breaks
...
wifi: ath12k: Fix invalid data access in ath12k_dp_rx_h_undecap_nwifi
...
ksmbd: prevent out-of-bounds stream writes by validating *pos
...
udmabuf: fix a buf size overflow issue during udmabuf creation
...