Page 103 of 3606 results (0.007 seconds)

CVSS: 5.7EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ftruncate: pass a signed offset The old ftruncate() syscall, using the 32-bit off_t misses a sign extension when called in compat mode on 64-bit architectures. As a result, passing a negative length accidentally succeeds in truncating to file size between 2GiB and 4GiB. Changing the type of the compat syscall to the signed compat_off_t changes the behavior so it instead returns -EINVAL. The native entry point, the truncate() syscall and the corresponding loff_t based variants are all correct already and do not suffer from this mistake. An unexpected file truncate flaw was found when opening files with specific parameters in the Linux kernel's file-system. This vulnerability allows a local user to corrupt specific files when having access to these files. • https://git.kernel.org/stable/c/3f6d078d4accfff8b114f968259a060bfdc7c682 https://git.kernel.org/stable/c/c329760749b5419769e57cb2be80955d2805f9c9 https://git.kernel.org/stable/c/f531d4bc6c5588d713359e42ed65e46816d841d8 https://git.kernel.org/stable/c/84bf6b64a1a0dfc6de7e1b1c776d58d608e7865a https://git.kernel.org/stable/c/dbb226d81cd02cee140139c2369791e6f61f2007 https://git.kernel.org/stable/c/5ae6af68410bdad6181ec82104bb9985a7a6a0fa https://git.kernel.org/stable/c/836359247b0403e0634bfbc83e5bb8063fad287a https://git.kernel.org/stable/c/930a4c369f74da26816eaaa71b5888d29 • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •

CVSS: -EPSS: 0%CPEs: 2EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xe_devcoredump: Check NULL before assignments Assign 'xe_devcoredump_snapshot *' and 'xe_device *' only if 'coredump' is not NULL. v2 - Fix commit messages. v3 - Define variables before code.(Ashutosh/Jose) v4 - Drop return check for coredump_to_xe. (Jose/Rodrigo) v5 - Modify misleading commit message. (Matt) • https://git.kernel.org/stable/c/76ec0e33707282d5321555698d902f4e067aff37 https://git.kernel.org/stable/c/b15e65349553b1689d15fbdebea874ca5ae2274a •

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Fix potential invalid address access struct rdma_restrack_entry's kern_name was set to KBUILD_MODNAME in ib_create_cq(), while if the module exited but forgot del this rdma_restrack_entry, it would cause a invalid address access in rdma_restrack_clean() when print the owner of this rdma_restrack_entry. These code is used to help find one forgotten PD release in one of the ULPs. But it is not needed anymore, so delete them. • https://git.kernel.org/stable/c/8656ef8a9288d6c932654f8d3856dc4ab1cfc6b5 https://git.kernel.org/stable/c/782bdaf9d01658281bc813f3f873e6258aa1fd8d https://git.kernel.org/stable/c/8ac281d42337f36cf7061cf1ea094181b84bc1a9 https://git.kernel.org/stable/c/f45b43d17240e9ca67ebf3cc82bb046b07cc1c61 https://git.kernel.org/stable/c/ca537a34775c103f7b14d7bbd976403f1d1525d8 •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix NULL pointer dereference in gfs2_log_flush In gfs2_jindex_free(), set sdp->sd_jdesc to NULL under the log flush lock to provide exclusion against gfs2_log_flush(). In gfs2_log_flush(), check if sdp->sd_jdesc is non-NULL before dereferencing it. Otherwise, we could run into a NULL pointer dereference when outstanding glock work races with an unmount (glock_work_func -> run_queue -> do_xmote -> inode_go_sync -> gfs2_log_flush). • https://git.kernel.org/stable/c/3429ef5f50909cee9e498c50f0c499b9397116ce https://git.kernel.org/stable/c/f54f9d5368a4e92ede7dd078a62788dae3a7c6ef https://git.kernel.org/stable/c/35264909e9d1973ab9aaa2a1b07cda70f12bb828 https://access.redhat.com/security/cve/CVE-2024-42079 https://bugzilla.redhat.com/show_bug.cgi?id=2300517 • CWE-476: NULL Pointer Dereference •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers. • https://git.kernel.org/stable/c/96518518cc417bb0a8c80b9fb736202e28acdf96 https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4 https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8 https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007 https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564 https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •