Page 31 of 4107 results (0.063 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2024-26913 – drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue

https://notcve.org/view.php?id=CVE-2024-26913

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dcn35 8k30 Underflow/Corruption Issue [why] odm calculation is missing for pipe split policy determination and cause Underflow/Corruption issue. [how] Add the odm calculation. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: drm/amd/display: solucione el problema de corrupción/desbordamiento de dcn35 8k30 [por qué] falta el cálculo de odm para la determinación de la política de división de tuberías y causa un problema de corrupción/desbordamiento. [cómo] Agregue el cálculo de odm. • https://git.kernel.org/stable/c/cdbe0be8874c63bca85b8c38e5b1eecbdd18df31 https://git.kernel.org/stable/c/faf51b201bc42adf500945732abb6220c707d6f3 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2024-26884 – bpf: Fix hashtab overflow check on 32-bit arches

https://notcve.org/view.php?id=CVE-2024-26884

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. However, on 32-bit arches, the roundup code itself can overflow by doing a 32-bit left-shift of an unsigned long value, which is undefined behaviour, so it is not guaranteed to truncate neatly. ... So apply the same fix to hashtab, by moving the overflow check to before the roundup. • https://git.kernel.org/stable/c/daaf427c6ab392bedcd018e326b2ffa1e1110cd6 https://git.kernel.org/stable/c/33ec04cadb77605b71d9298311919303d390c4d5 https://git.kernel.org/stable/c/92c81fbb3ed2e0dfc33a4183a67135e1ab566ace https://git.kernel.org/stable/c/64f00b4df0597590b199b62a37a165473bf658a6 https://git.kernel.org/stable/c/3b08cfc65f07b1132c1979d73f014ae6e04de55d https://git.kernel.org/stable/c/a83fdaeaea3677b83a53f72ace2d73a19bcd6d93 https://git.kernel.org/stable/c/8435f0961bf3dc65e204094349bd9aeaac1f8868 https://git.kernel.org/stable/c/d817f0d34d927f2deb17dadbfe212c9a6 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound

CVSS: 6.0EPSS: 0%CPEs: 6EXPL: 0

CVE-2024-26843 – efi: runtime: Fix potential overflow of soft-reserved region size

https://notcve.org/view.php?id=CVE-2024-26843

In the Linux kernel, the following vulnerability has been resolved: efi: runtime: Fix potential overflow of soft-reserved region size md_size will have been narrowed if we have >= 4GB worth of pages in a soft-reserved region. ... Due to an integer overflow, certain EFI-related memory reservations might receive a size other than expected, leading to a denial of service. • https://git.kernel.org/stable/c/4fff3d735baea104017f2e3c245e27cdc79f2426 https://git.kernel.org/stable/c/4aa36b62c3eaa869860bf78b1146e9f2b5f782a9 https://git.kernel.org/stable/c/700c3f642c32721f246e09d3a9511acf40ae42be https://git.kernel.org/stable/c/cf3d6813601fe496de7f023435e31bfffa74ae70 https://git.kernel.org/stable/c/156cb12ffdcf33883304f0db645e1eadae712fe0 https://git.kernel.org/stable/c/de1034b38a346ef6be25fe8792f5d1e0684d5ff4 https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html https://access.redhat.com/security/cve/CVE-2024 • CWE-121: Stack-based Buffer Overflow

CVSS: 6.7EPSS: 0%CPEs: 4EXPL: 0

CVE-2024-26828 – cifs: fix underflow in parse_server_interfaces()

https://notcve.org/view.php?id=CVE-2024-26828

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parse_server_interfaces() In this loop, we step through the buffer and after each item we check if the size_left is greater than the minimum size we need. However, the problem is that "bytes_left" is type ssize_t while sizeof() is type size_t. That means that because of type promotion, the comparison is done as an unsigned and if we have negative bytes left the loop continues instead of ending. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: cifs: corrige el desbordamiento insuficiente en parse_server_interfaces() En este bucle, recorremos el búfer y después de cada elemento comprobamos si size_left es mayor que el tamaño mínimo que necesitamos. Sin embargo, el problema es que "bytes_left" es del tipo ssize_t mientras que sizeof() es del tipo size_t. • https://git.kernel.org/stable/c/fe856be475f7cf5ffcde57341d175ce9fd09434b https://git.kernel.org/stable/c/7190353835b4a219abb70f90b06cdcae97f11512 https://git.kernel.org/stable/c/f7ff1c89fb6e9610d2b01c1821727729e6609308 https://git.kernel.org/stable/c/df2af9fdbc4ddde18a3371c4ca1a86596e8be301 https://git.kernel.org/stable/c/cffe487026be13eaf37ea28b783d9638ab147204 https://access.redhat.com/security/cve/CVE-2024-26828 https://bugzilla.redhat.com/show_bug.cgi?id=2275600 • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 7.5EPSS: 0%CPEs: -EXPL: 0

CVE-2024-31031

https://notcve.org/view.php?id=CVE-2024-31031

An issue in `coap_pdu.c` in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow. • https://github.com/obgm/libcoap/issues/1351 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LPENEJBV3KSASIYKNZAKXDAH7Q66KPYG https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TUL7QDYFGEIJVO2ZSG4O5HEAWR6PFC52 • CWE-190: Integer Overflow or Wraparound