CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43545 – Integer Overflow or Wraparound in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43545
Memory corruption when more scan frequency list or channels are sent from the user space. Corrupción de la memoria cuando se envían más listas de frecuencias de escaneo o canales desde el espacio del usuario. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5256 – Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5256
Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before reading from memory. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before reading from memory. • https://www.zerodayinitiative.com/advisories/ZDI-24-542 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-1298 – Integer Overflow caused by divide by zero during S3 suspension
https://notcve.org/view.php?id=CVE-2024-1298
EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. • https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN https://access.redhat.com/security/cve/CVE-2024-1298 https://bugzilla.redhat.com/show_bug.cgi?id=2284243 • CWE-369: Divide By Zero •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-36917 – block: fix overflow in blk_ioctl_discard()
https://notcve.org/view.php?id=CVE-2024-36917
In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000; Add the overflow validation now. • https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6 https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 https://git.kernel.org/stable/c/0842ddd83939eb4db940b9af7d39e79722bc41aa https://git.kernel.org/stable/c/6c9915fa9410cbb9bd75ee283c03120046c56d3d https://access.redhat.com/security/cve/CVE-2024-36917 https://bugzilla.redhat.com/show_bug.cgi?id=2284519 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 1CVE-2024-30212 – Microchip Harmony 3 Core library allows read and write access to RAM via a SCSI READ or WRITE command
https://notcve.org/view.php?id=CVE-2024-30212
If a SCSI READ(10) command is initiated via USB using the largest LBA (0xFFFFFFFF) with it's default block size of 512 and a count of 1, the first 512 byte of the 0x80000000 memory area is returned to the user. If the block count is increased, the full RAM can be exposed. The same method works to write to this memory area. If RAM contains pointers, those can be - depending on the application - overwritten to return data from any other offset including Progam and Boot Flash. Si se inicia un comando SCSI READ(10) a través de USB utilizando el LBA más grande (0xFFFFFFFF) con su tamaño de bloque predeterminado de 512 y un recuento de 1, los primeros 512 bytes del área de memoria 0x80000000 se devuelven al usuario. Si se aumenta el número de bloques, toda la RAM puede quedar expuesta. • https://github.com/Fehr-GmbH/blackleak https://github.com/Microchip-MPLAB-Harmony/core/blob/master/release_notes.md https://github.com/Microchip-MPLAB-Harmony/core/commit/d4608a4f1a140bd899cd4337cdbfb343a4339216 • CWE-190: Integer Overflow or Wraparound •