CVE-2023-52832 – wifi: mac80211: don't return unset power in ieee80211_get_tx_power()
https://notcve.org/view.php?id=CVE-2023-52832
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in net/wireless/nl80211.c:3816:5 -2147483648 * 100 cannot be represented in type 'int' CPU: 0 PID: 20433 Comm: insmod Tainted: G WC OE Call Trace: dump_stack+0x74/0x92 ubsan_epilogue+0x9/0x50 handle_overflow+0x8d/0xd0 __ubsan_handle_mul_overflow+0xe/0x10 nl80211_send_iface+0x688/0x6b0 [cfg80211] [...] cfg80211_register_wdev+0x78/0xb0 [cfg80211] cfg80211_netdev_notifier_call+0x200/0x620 [cfg80211] [...] ieee80211_if_add+0x60e/0x8f0 [mac80211] ieee80211_register_hw+0xda5/0x1170 [mac80211] In this case, simply return an error instead, to indicate that no data is available. • https://git.kernel.org/stable/c/1571120c44dbe5757aee1612c5b6097cdc42710f https://git.kernel.org/stable/c/298e767362cade639b7121ecb3cc5345b6529f62 https://git.kernel.org/stable/c/efeae5f4972f75d50002bc50eb112ab9e7069b18 https://git.kernel.org/stable/c/717de20abdcd1d4993fa450e28b8086a352620ea https://git.kernel.org/stable/c/21a0f310a9f3bfd2b4cf4f382430e638607db846 https://git.kernel.org/stable/c/2be24c47ac19bf639c48c082486c08888bd603c6 https://git.kernel.org/stable/c/adc2474d823fe81d8da759207f4f1d3691aa775a https://git.kernel.org/stable/c/5a94cffe90e20e8fade0b9abd4370bd67 • CWE-190: Integer Overflow or Wraparound CWE-920: Improper Restriction of Power Consumption •
CVE-2024-35905 – bpf: Protect against int overflow for stack access size
https://notcve.org/view.php?id=CVE-2024-35905
An integer overflow vulnerability exists in the access size of a stack, such that the size of the access stack can appear negative as a result of overflowing its signed int representation. • https://git.kernel.org/stable/c/afea95d319ccb4ad2060dece9ac5e2e364dec543 https://git.kernel.org/stable/c/02962684258eb53f414a8a59854767be526e6abb https://git.kernel.org/stable/c/b1d4d54d32ce6342f5faffe71bae736540ce7cb5 https://git.kernel.org/stable/c/08b91babccbb168353f8d43fea0ed28a4cad568c https://git.kernel.org/stable/c/a833a17aeac73b33f79433d7cee68d5cafd71e4f https://git.kernel.org/stable/c/1858b8a331937f3976d8482cd5f6e1f945294ad3 https://git.kernel.org/stable/c/9970e059af471478455f9534e8c3db82f8c5496d https://git.kernel.org/stable/c/37dc1718dc0c4392dbfcb9adec22a776e •
CVE-2024-4453 – GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-4453
GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. ... The vulnerability is caused by improper parsing of EXIF metadata and a lack of proper validation of user-supplied data, which triggers an integer overflow. ... The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. • https://gitlab.freedesktop.org/tpm/gstreamer/-/commit/e68eccff103ab0e91e6d77a892f57131b33902f5 https://lists.debian.org/debian-lts-announce/2024/05/msg00019.html https://www.zerodayinitiative.com/advisories/ZDI-24-467 https://access.redhat.com/security/cve/CVE-2024-4453 https://bugzilla.redhat.com/show_bug.cgi?id=2282999 • CWE-190: Integer Overflow or Wraparound •
CVE-2024-30037 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2024-30037
The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30037 • CWE-125: Out-of-bounds Read •
CVE-2024-30021 – Windows Mobile Broadband Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2024-30021
Windows Mobile Broadband Driver Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del controlador de banda ancha de Windows Mobile • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30021 • CWE-190: Integer Overflow or Wraparound •