CVE-2024-42131 – mm: avoid overflows in dirty throttling logic
https://notcve.org/view.php?id=CVE-2024-42131
In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirty limits in PAGE_SIZE units fit into 32-bit (so that various multiplications fit into 64-bits). If limits end up being larger, we will hit overflows, possible divisions by 0 etc. Fix these problems by never allowing so large dirty limits as they have dubious practical value anyway. For dirty_bytes / dirty_background_bytes interfaces we can just refuse to set so large limits. For dirty_ratio / dirty_background_ratio it isn't so simple as the dirty limit is computed from the amount of available memory which can change due to memory hotplug etc. • https://git.kernel.org/stable/c/2b2d2b8766db028bd827af34075f221ae9e9efff https://git.kernel.org/stable/c/4d3817b64eda07491bdd86a234629fe0764fb42a https://git.kernel.org/stable/c/7a49389771ae7666f4dc3426e2a4594bf23ae290 https://git.kernel.org/stable/c/a25e8536184516b55ef89ab91dd2eea429de28d2 https://git.kernel.org/stable/c/c83ed422c24f0d4b264f89291d4fabe285f80dbc https://git.kernel.org/stable/c/bd16a7ee339aef3ee4c90cb23902afb6af379ea0 https://git.kernel.org/stable/c/8e0b5e7f2895eccef5c2a0018b589266f90c4805 https://git.kernel.org/stable/c/385d838df280eba6c8680f9777bfa0d0b • CWE-190: Integer Overflow or Wraparound •
CVE-2024-40784 – Apple macOS ImageIO KTX Image Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-40784
An integer overflow was addressed with improved input validation. • https://support.apple.com/en-us/HT214117 https://support.apple.com/en-us/HT214116 https://support.apple.com/en-us/HT214120 https://support.apple.com/en-us/HT214124 https://support.apple.com/en-us/HT214119 https://support.apple.com/en-us/HT214123 https://support.apple.com/en-us/HT214122 http://seclists.org/fulldisclosure/2024/Jul/16 http://seclists.org/fulldisclosure/2024/Jul/23 http://seclists.org/fulldisclosure/2024/Jul/21 http://seclists.org/fulldisclosure/202 •
CVE-2024-42066 – drm/xe: Fix potential integer overflow in page size calculation
https://notcve.org/view.php?id=CVE-2024-42066
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix potential integer overflow in page size calculation Explicitly cast tbo->page_alignment to u64 before bit-shifting to prevent overflow when assigning to min_page_size. • https://git.kernel.org/stable/c/79d54ddf0e292b810887994bb04709c5ac0e1531 https://git.kernel.org/stable/c/4f4fcafde343a54465f85a2909fc684918507a4b •
CVE-2024-6638 – Integer Overflow Vulnerability Reading TDMS Files in LabVIEW
https://notcve.org/view.php?id=CVE-2024-6638
An integer overflow vulnerability due to improper input validation when reading TDMS files in LabVIEW may result in an infinite loop. • https://www.ni.com/en/support/security/available-critical-and-security-updates-for-ni-software/integer-overflow-vulnerability-reading-tdms-files-in-labview.html • CWE-190: Integer Overflow or Wraparound •
CVE-2024-41184
https://notcve.org/view.php?id=CVE-2024-41184
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. • https://github.com/acassen/keepalived/issues/2447#issuecomment-2231329734 • CWE-190: Integer Overflow or Wraparound •