CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5197 – Integer overflow in libvpx
https://notcve.org/view.php?id=CVE-2024-5197
Calling vpx_img_alloc() with a large value of the d_w, d_h, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. Calling vpx_img_wrap() with a large value of the d_w, d_h, or stride_align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpx_image_t struct may be invalid. ... This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of values are invalid, leading to integer overflows during memory allocation procedures. • https://g-issues.chromium.org/issues/332382766 https://lists.debian.org/debian-lts-announce/2024/06/msg00005.html https://access.redhat.com/security/cve/CVE-2024-5197 https://bugzilla.redhat.com/show_bug.cgi?id=2291198 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-43545 – Integer Overflow or Wraparound in WLAN HOST
https://notcve.org/view.php?id=CVE-2023-43545
Memory corruption when more scan frequency list or channels are sent from the user space. Corrupción de la memoria cuando se envían más listas de frecuencias de escaneo o canales desde el espacio del usuario. • https://docs.qualcomm.com/product/publicresources/securitybulletin/june-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-5256 – Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2024-5256
Sonos Era 100 SMB2 Message Handling Integer Underflow Information Disclosure Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before reading from memory. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before reading from memory. • https://www.zerodayinitiative.com/advisories/ZDI-24-542 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 6.0EPSS: 0%CPEs: -EXPL: 0CVE-2024-1298 – Integer Overflow caused by divide by zero during S3 suspension
https://notcve.org/view.php?id=CVE-2024-1298
EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. • https://github.com/tianocore/edk2/security/advisories/GHSA-chfw-xj8f-6m53 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7NUL7NSZQ76A5OKDUCODQNY7WSX4SST https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VIMEZWDKEIQKU7NMHKL57DOCITPGEXYN https://access.redhat.com/security/cve/CVE-2024-1298 https://bugzilla.redhat.com/show_bug.cgi?id=2284243 • CWE-369: Divide By Zero •
CVSS: 4.4EPSS: 0%CPEs: 6EXPL: 0CVE-2024-36917 – block: fix overflow in blk_ioctl_discard()
https://notcve.org/view.php?id=CVE-2024-36917
In the Linux kernel, the following vulnerability has been resolved: block: fix overflow in blk_ioctl_discard() There is no check for overflow of 'start + len' in blk_ioctl_discard(). Hung task occurs if submit an discard ioctl with the following param: start = 0x80000000000ff000, len = 0x8000000000fff000; Add the overflow validation now. • https://git.kernel.org/stable/c/8a26198186e97ee5fc4b42fde82629cff8c75cd6 https://git.kernel.org/stable/c/e1d38cde2b7b0fbd1c48082e7a98c37d750af59b https://git.kernel.org/stable/c/507d526a98c355e6f3fb2c47aacad44a69784bee https://git.kernel.org/stable/c/22d24a544b0d49bbcbd61c8c0eaf77d3c9297155 https://git.kernel.org/stable/c/0842ddd83939eb4db940b9af7d39e79722bc41aa https://git.kernel.org/stable/c/6c9915fa9410cbb9bd75ee283c03120046c56d3d https://access.redhat.com/security/cve/CVE-2024-36917 https://bugzilla.redhat.com/show_bug.cgi?id=2284519 • CWE-190: Integer Overflow or Wraparound •