Page 266 of 2860 results (0.020 seconds)

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled. Se descubrió un problema en ksmbd en el kernel de Linux anterior a 6.6.10. smb2_get_data_area_len en fs/smb/server/smb2misc.c puede causar un acceso fuera de los límites smb_strndup_from_utf16 porque la relación entre los datos de Nombre y los datos de CreateContexts está mal manejada. • https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.10 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d10c77873ba1e9e6b91905018e29e196fd5f863d • CWE-125: Out-of-bounds Read •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access. En rds_recv_track_latency en net/rds/af_rds.c en el kernel de Linux hasta 6.7.1, hay un error uno por uno para una comparación RDS_MSG_RX_DGRAM_TRACE_MAX, lo que resulta en un acceso fuera de los límites. • https://bugzilla.suse.com/show_bug.cgi?id=1219127 https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=13e788deb7348cc88df34bed736c3b3b9927ea52 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LB • CWE-193: Off-by-one Error •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. En el kernel de Linux hasta 6.7.1, hay un use-after-free en cec_queue_msg_fh, relacionado con drivers/media/cec/core/cec-adap.c y drivers/media/cec/core/cec-api.c. A vulnerability was found in the Linux kernel. A use-after-free exists in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c. • https://lore.kernel.org/lkml/e9f42704-2f99-4f2c-ade5-f952e5fd53e5%40xs4all.nl https://access.redhat.com/security/cve/CVE-2024-23848 https://bugzilla.redhat.com/show_bug.cgi?id=2260038 • CWE-416: Use After Free •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

A use-after-free flaw was found in the __ext4_remount in fs/ext4/super.c in ext4 in the Linux kernel. This flaw allows a local user to cause an information leak problem while freeing the old quota file names before a potential failure, leading to a use-after-free. Se encontró una falla de use-after-free en __ext4_remount en fs/ext4/super.c en ext4 en el kernel de Linux. Esta falla permite que un usuario local cause un problema de fuga de información mientras libera los nombres de archivos de cuota antiguos antes de una posible falla, lo que lleva a un use-after-free. • https://access.redhat.com/security/cve/CVE-2024-0775 https://bugzilla.redhat.com/show_bug.cgi?id=2259414 https://scm.linefinity.com/common/linux-stable/commit/4c0b4818b1f636bc96359f7817a2d8bab6370162 • CWE-416: Use After Free •

CVSS: 6.6EPSS: 0%CPEs: 5EXPL: 0

A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element corrupting this array of u32. This flaw allows a local user to cause a denial of service or potentially break NetFilter functionality. • https://access.redhat.com/security/cve/CVE-2024-0607 https://bugzilla.redhat.com/show_bug.cgi?id=2258635 https://github.com/torvalds/linux/commit/c301f0981fdd3fd1ffac6836b423c4d7a8e0eb63 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html • CWE-229: Improper Handling of Values •