Page 152 of 6270 results (0.005 seconds)

CVSS: 7.3EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error tipc_udp_addr2str() should return non-zero value if the UDP media address is invalid. Otherwise, a buffer overflow access can occur in tipc_media_addr_printf(). Fix this by returning 1 on an invalid UDP media address. • https://git.kernel.org/stable/c/d0f91938bede204a343473792529e0db7d599836 https://git.kernel.org/stable/c/7ec3335dd89c8d169e9650e4bac64fde71fdf15b https://git.kernel.org/stable/c/253405541be2f15ffebdeac2f4cf4b7e9144d12f https://git.kernel.org/stable/c/aa38bf74899de07cf70b50cd17f8ad45fb6654c8 https://git.kernel.org/stable/c/5eea127675450583680c8170358bcba43227bd69 https://git.kernel.org/stable/c/728734352743a78b4c5a7285b282127696a4a813 https://git.kernel.org/stable/c/76ddf84a52f0d8ec3f5db6ccce08faf202a17d28 https://git.kernel.org/stable/c/2abe350db1aa599eeebc6892237d0bce0 • CWE-393: Return of Wrong Status Code •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: nexthop: Initialize all fields in dumped nexthops struct nexthop_grp contains two reserved fields that are not initialized by nla_put_nh_group(), and carry garbage. This can be observed e.g. with strace (edited for clarity): # ip nexthop add id 1 dev lo # ip nexthop add id 101 group 1 # strace -e recvmsg ip nexthop get id 101 ... recvmsg(... [{nla_len=12, nla_type=NHA_GROUP}, [{id=1, weight=0, resvd1=0x69, resvd2=0x67}]] ...) = 52 The fields are reserved and therefore not currently used. But as they are, they leak kernel memory, and the fact they are not just zero complicates repurposing of the fields for new ends. Initialize the full structure. • https://git.kernel.org/stable/c/430a049190de3c9e219f43084de9f1122da04570 https://git.kernel.org/stable/c/fd06cb4a5fc7bda3dea31712618a62af72a1c6cb https://git.kernel.org/stable/c/5cc4d71dda2dd4f1520f40e634a527022e48ccd8 https://git.kernel.org/stable/c/9e8f558a3afe99ce51a642ce0d3637ddc2b5d5d0 https://git.kernel.org/stable/c/1377de719652d868f5317ba8398b7e74c5f0430b https://git.kernel.org/stable/c/7704460acd7f5d35eb07c52500987dc9b95313fb https://git.kernel.org/stable/c/a13d3864b76ac87085ec530b2ff8e37482a63a96 https://git.kernel.org/stable/c/6d745cd0e9720282cd291d36b9db528ae •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger a BUG_ON() later when the skb is segmented as described in [1,2]. • https://git.kernel.org/stable/c/2be7e212d5419a400d051c84ca9fdd083e5aacac https://git.kernel.org/stable/c/a689f5eb13a90f892a088865478b3cd39f53d5dc https://git.kernel.org/stable/c/dda518dea60d556a2d171c0122ca7d9fdb7d473a https://git.kernel.org/stable/c/f6bb8c90cab97a3e03f8d30e3069efe6a742e0be https://git.kernel.org/stable/c/11ec79f5c7f74261874744039bc1551023edd6b2 https://git.kernel.org/stable/c/c3496314c53e7e82ddb544c825defc3e8c0e45cf https://git.kernel.org/stable/c/ec4eea14d75f7b0491194dd413f540dd19b8c733 https://git.kernel.org/stable/c/fa5ef655615a01533035c6139248c5b33 •

CVSS: -EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp after calling dev_kfree_skb(*sp). • https://git.kernel.org/stable/c/af69fb3a8ffa37e986db00ed93099dc44babeef4 https://git.kernel.org/stable/c/70db2c84631f50e02e6b32b543700699dd395803 https://git.kernel.org/stable/c/d3e4d4a98c5629ccdcb762a0ff6c82ba9738a0c3 https://git.kernel.org/stable/c/9460ac3dd1ae033bc2b021a458fb535a0c36ddb2 https://git.kernel.org/stable/c/8f4030277dfb9dbe04fd78566b19931097c9d629 https://git.kernel.org/stable/c/4d8b642985ae24f4b3656438eb8489834a17bb80 https://git.kernel.org/stable/c/ddc79556641ee070d36be0de4a1f0a16a71f1fc7 https://git.kernel.org/stable/c/7e4a539bca7d8d20f2c5d93c18cce8ef7 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en In sprd_iommu_cleanup() before calling function sprd_iommu_hw_en() dom->sdev is equal to NULL, which leads to null dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE. • https://git.kernel.org/stable/c/92c089a931fd3939cd32318cf4f54e69e8f51a19 https://git.kernel.org/stable/c/8745f3592ee4a7b49ede16ddd3f12a41ecaa23c9 https://git.kernel.org/stable/c/9afea57384d4ae7b2034593eac7fa76c7122762a https://git.kernel.org/stable/c/d0a917fd5e3b3ed9d9306b4260ba684b982da9f3 https://git.kernel.org/stable/c/8c79ceb4ecf823e6ec10fee6febb0fca3de79922 https://git.kernel.org/stable/c/dfe90030a0cfa26dca4cb6510de28920e5ad22fb https://git.kernel.org/stable/c/b62841e49a2b7938f6fdeaaf93fb57e4eb880bdb https://git.kernel.org/stable/c/d5fe884ce28c5005f8582c35333c195a1 •