Page 293 of 3233 results (0.007 seconds)

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoid format-overflow warning With gcc and W=1 option, there's a warning like this: fs/f2fs/compress.c: In function ‘f2fs_init_page_array_cache’: fs/f2fs/compress.c:1984:47: error: ‘%u’ directive writing between 1 and 7 bytes into a region of size between 5 and 8 [-Werror=format-overflow=] 1984 | sprintf(slab_name, "f2fs_page_array_entry-%u:%u", MAJOR(dev), MINOR(dev)); | ^~ String "f2fs_page_array_entry-%u:%u" can up to 35. The first "%u" can up to 4 and the second "%u" can up to 7, so total size is "24 + 4 + 7 = 35". slab_name's size should be 35 rather than 32. En el kernel de Linux se ha resuelto la siguiente vulnerabilidad: f2fs: evitar aviso de desbordamiento de formato. Con la opción gcc y W=1, aparece un aviso como este: fs/f2fs/compress.c: En la función 'f2fs_init_page_array_cache': fs/f2fs /compress.c:1984:47: error: directiva '%u' escribiendo entre 1 y 7 bytes en una región de tamaño entre 5 y 8 [-Werror=format-overflow=] 1984 | sprintf(slab_name, "f2fs_page_array_entry-%u:%u", MAJOR(dev), MINOR(dev)); | ^~ La cadena "f2fs_page_array_entry-%u:%u" puede tener hasta 35. El primer "%u" puede tener hasta 4 y el segundo "%u" puede hasta 7, por lo que el tamaño total es "24 + 4 + 7 = 35". • https://git.kernel.org/stable/c/31083031709eea6530f0551d59eecdb2e68265ef https://git.kernel.org/stable/c/c041f5ddef00c731c541e00bc8ae97b8c84c682f https://git.kernel.org/stable/c/e4088d7d8f1123006d46a42edf51b8c960a58ef9 https://git.kernel.org/stable/c/526dd7540a09ecf87b5f54f3ab4e0a2528f25a79 https://git.kernel.org/stable/c/6fca08fd3085253b48fcb1bd243a0a5e18821a00 https://git.kernel.org/stable/c/3eebe636cac53886bd5d1cdd55e082ec9e84983f https://git.kernel.org/stable/c/e0d4e8acb3789c5a8651061fbab62ca24a45c063 •

CVSS: -EPSS: 0%CPEs: 9EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix a possible null pointer dereference In radeon_fp_native_mode(), the return value of drm_mode_duplicate() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_mode_duplicate(). Add a check to avoid npd. The failure status of drm_cvt_mode() on the other path is checked too. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: drm/radeon: corrige una posible desreferencia del puntero null. En radeon_fp_native_mode(), el valor de retorno de drm_mode_duplicate() se asigna al modo, lo que conducirá a una desreferencia del puntero NULL en caso de falla de drm_mode_duplicate(). Agregue una marca para evitar npd. • https://git.kernel.org/stable/c/b33f7d99c9226892c7794dc2500fae35966020c9 https://git.kernel.org/stable/c/16a0f0b63c4c7eb46fc4c3f00bf2836e6ee46a9f https://git.kernel.org/stable/c/8a89bfeef9abe93371e3ea8796377f2d132eee29 https://git.kernel.org/stable/c/28fd384c78d7d8ed8af0d086d778c3e438ba7f60 https://git.kernel.org/stable/c/fee8ae0a0bb66eb7730c22f44fbd7203f63c2eab https://git.kernel.org/stable/c/7b7fba107b2c4ec7673d0f45bdbb9d1af697d9b9 https://git.kernel.org/stable/c/e938d24f0b7392e142b8aa434f18590d99dbe479 https://git.kernel.org/stable/c/140d9807b96e1303f6f2675a7ae8710a2 •

CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Don't overflow in peek() When we started spreading new inode numbers throughout most of the 64 bit inode space, that triggered some corner case bugs, in particular some integer overflows related to the radix tree code. Oops. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: lib/generic-radix-tree.c: No se desborda en peek() Cuando comenzamos a distribuir nuevos números de inodos en la mayor parte del espacio de inodos de 64 bits, eso activó algunas esquinas. errores de casos, en particular algunos desbordamientos de enteros relacionados con el código del árbol de base. Ups. • https://git.kernel.org/stable/c/784d01f9bbc282abb0c5ade5beb98a87f50343ac https://git.kernel.org/stable/c/ec298b958cb0c40d70c68079da933c8f31c5134c https://git.kernel.org/stable/c/aa7f1827953100cdde0795289a80c6c077bfe437 https://git.kernel.org/stable/c/9492261ff2460252cf2d8de89cdf854c7e2b28a0 https://access.redhat.com/security/cve/CVE-2021-47432 https://bugzilla.redhat.com/show_bug.cgi?id=2282366 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error occurs. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: IB/hfi1: restaurar los recursos asignados en caso de copia fallida. Reparar una fuga de recursos si se produce un error. • https://git.kernel.org/stable/c/f404ca4c7ea8e650ba09ba87c71c7a89c865d5be https://git.kernel.org/stable/c/00d9e212b8a39e6ffcf31b9d2e503d2bf6009d45 https://git.kernel.org/stable/c/7896accedf5bf1277d2f305718e36dc8bac7e321 https://git.kernel.org/stable/c/79b595d9591426156a9e0635a5b5115508a36fef https://git.kernel.org/stable/c/9bae58d58b6bb73b572356b31a62d2afc7378d12 https://git.kernel.org/stable/c/0a4f811f2e5d07bbd0c9226f4afb0a1270a831ae https://git.kernel.org/stable/c/6601fc0d15ffc20654e39486f9bef35567106d68 •

CVSS: 2.5EPSS: 0%CPEs: 4EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() int type = nla_type(nla); if (type > XFRMA_MAX) { return -EOPNOTSUPP; } @type is then used as an array index and can be used as a Spectre v1 gadget. if (nla_len(nla) < compat_policy[type].len) { array_index_nospec() can be used to prevent leaking content of kernel memory to malicious users. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: xfrm/compat: previene el posible gadget spectre v1 en xfrm_xlate32_attr() int type = nla_type(nla); if (tipo &gt; XFRMA_MAX) { return -EOPNOTSUPP; } @type luego se usa como índice de matriz y se puede usar como un gadget Spectre v1. if (nla_len(nla) &lt; compat_policy[type].len) { array_index_nospec() se puede utilizar para evitar la filtración de contenido de la memoria del kernel a usuarios malintencionados. • https://git.kernel.org/stable/c/5106f4a8acff480e244300bc5097c0ad7048c3a2 https://git.kernel.org/stable/c/a893cc644812728e86e9aff517fd5698812ecef0 https://git.kernel.org/stable/c/5dc688fae6b7be9dbbf5304a3d2520d038e06db5 https://git.kernel.org/stable/c/419674224390fca298020fc0751a20812f84b12d https://git.kernel.org/stable/c/b6ee896385380aa621102e8ea402ba12db1cabff •