CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-23085 – Potential jail escape vulnerabilities in netmap
https://notcve.org/view.php?id=CVE-2022-23085
20 Sep 2022 — A user-provided integer option was passed to nmreq_copyin() without checking if it would overflow. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. • https://security.freebsd.org/advisories/FreeBSD-SA-22:04.netmap.asc • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-36015 – Integer overflow in math ops in TensorFlow
https://notcve.org/view.php?id=CVE-2022-36015
16 Sep 2022 — TensorFlow is an open source platform for machine learning. When `RangeSize` receives values that do not fit into an `int64_t`, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.cc • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-35940 – Int overflow in `RaggedRangeOp` in Tensoflow
https://notcve.org/view.php?id=CVE-2022-35940
16 Sep 2022 — TensorFlow is an open source platform for machine learning. The `RaggedRangOp` function takes an argument `limits` that is eventually used to construct a `TensorShape` as an `int64`. If `limits` is a very large float, it can overflow when converted to an `int64`. This triggers an `InvalidArgument` but also throws an abort signal that crashes the program. We have patched the issue in GitHub commit 37cefa91bee4eace55715eeef43720b958a01192. • https://github.com/tensorflow/tensorflow/blob/0b6b491d21d6a4eb5fbab1cca565bc1e94ca9543/tensorflow/core/kernels/ragged_range_op.cc#L74-L88 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-36402 – There is an int overflow vulnerability in vmwgfx driver
https://notcve.org/view.php?id=CVE-2022-36402
16 Sep 2022 — An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. ... Este fallo permite a un atacante local con una cuenta de usuario en el sistema conseguir privilegios, causando una denegación de servicio (DoS) An integer overflow was found in the Linux kernel's vmwgfx driver. ... Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel... • https://bugzilla.openanolis.cn/show_bug.cgi?id=2072 • CWE-118: Incorrect Access of Indexable Resource ('Range Error') CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 130EXPL: 0CVE-2022-25656
https://notcve.org/view.php?id=CVE-2022-25656
16 Sep 2022 — Possible integer overflow and memory corruption due to improper validation of buffer size sent to write to console when computing the payload size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Posible desbordamiento de enteros y corrupción de memoria debido a una comprobación inapropiada del tamaño del búfer enviado para escribir en la consola cuando es computado el tamaño de la carga útil en Snapdragon Auto,... • https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 102EXPL: 0CVE-2022-22105
https://notcve.org/view.php?id=CVE-2022-22105
16 Sep 2022 — Memory corruption in bluetooth due to integer overflow while processing HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music Corrupción de memoria en bluetooth debido a un desbordamiento de enteros mientras es procesado el perfil HFP-UNIT en Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music • https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 46EXPL: 0CVE-2022-22089
https://notcve.org/view.php?id=CVE-2022-22089
16 Sep 2022 — Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables Una corrupción de memoria en el audio mientras es reproducida una grabación debido a un manejo inapropiado de la lista en dos hilos en Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 60EXPL: 0CVE-2022-22081
https://notcve.org/view.php?id=CVE-2022-22081
16 Sep 2022 — Memory corruption in audio module due to integer overflow in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables Una corrupción de memoria en el módulo de audio debido a un desbordamiento de enteros en Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.4EPSS: 0%CPEs: 308EXPL: 0CVE-2022-22074
https://notcve.org/view.php?id=CVE-2022-22074
16 Sep 2022 — Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una corrupción de memoria durante la reproducción de archivos wma debido a un desbordamiento de enteros en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrag... • https://www.qualcomm.com/company/product-security/bulletins/september-2022-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.6EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3782 – wayland: libwayland-server wl_shm reference-count overflow
https://notcve.org/view.php?id=CVE-2021-3782
16 Sep 2022 — An internal reference count is held on the buffer pool, incremented every time a new buffer is created from the pool. The reference count is maintained as an int; on LP64 systems this can cause the reference count to overflow if the client creates a large number of wl_shm buffer objects, or if it can coerce the server to create a large number of external references to the buffer storage. With the reference count overflowing, a use-after-free can be constructed on the wl_shm_pool tracking structure, where va... • https://gitlab.freedesktop.org/wayland/wayland/-/issues/224 • CWE-190: Integer Overflow or Wraparound CWE-416: Use After Free •