Page 333 of 3000 results (0.007 seconds)

CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: igb: Fix string truncation warnings in igb_set_fw_version Commit 1978d3ead82c ("intel: fix string truncation warnings") fixes '-Wformat-truncation=' warnings in igb_main.c by using kasprintf. drivers/net/ethernet/intel/igb/igb_main.c:3092:53: warning:‘%d’ directive output may be truncated writing between 1 and 5 bytes into a region of size between 1 and 13 [-Wformat-truncation=] 3092 | "%d.%d, 0x%08x, %d.%d.%d", | ^~ drivers/net/ethernet/intel/igb/igb_main.c:3092:34: note:directive argument in the range [0, 65535] 3092 | "%d.%d, 0x%08x, %d. • https://git.kernel.org/stable/c/1978d3ead82c8e39d739dd4e19b1ea7bf923dfb4 https://git.kernel.org/stable/c/c56d055893cbe97848611855d1c97d0ab171eccc https://access.redhat.com/security/cve/CVE-2024-36010 https://bugzilla.redhat.com/show_bug.cgi?id=2282950 • CWE-476: NULL Pointer Dereference •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: tracing: Have trace_event_file have ref counters The following can crash the kernel: # cd /sys/kernel/tracing # echo 'p:sched schedule' > kprobe_events # exec 5>>events/kprobes/sched/enable # > kprobe_events # exec 5>&- The above commands: 1. Change directory to the tracefs directory 2. Create a kprobe event (doesn't matter what one) 3. Open bash file descriptor 5 on the enable file of the kprobe event 4. Delete the kprobe event (removes the files too) 5. • https://git.kernel.org/stable/c/e6807c873d8791ae5a5186ad05ec66cab926539a https://git.kernel.org/stable/c/407bf1c140f0757706c0b28604bcc90837d45ce2 https://git.kernel.org/stable/c/fa6d449e4d024d8c17f4288e0567d28ace69415c https://git.kernel.org/stable/c/a46bf337a20f9edd3c8041b025639842280d0575 https://git.kernel.org/stable/c/9beec04370132a7a6cd1aa9897f6fffc6262ff28 https://git.kernel.org/stable/c/f5ca233e2e66dc1c249bf07eefa37e34a6c9346a https://git.kernel.org/stable/c/961c4511c7578d6b8f39118be919016ec3db1c1e https://git.kernel.org/stable/c/a98172e36e5f1b3d29ad71fade2d611cf •

CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds If the "struct can_priv::echoo_skb" is accessed out of bounds, this would cause a kernel crash. Instead, issue a meaningful warning message and return with an error. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: dev: can_put_echo_skb(): no bloquee el kernel si se accede a can_priv::echo_skb fuera de los límites. Si se accede a "struct can_priv::echoo_skb" fuera de los límites, esto provocaría un fallo del kernel. En su lugar, emita un mensaje de advertencia significativo y regrese con un error. • https://git.kernel.org/stable/c/a6e4bc5304033e434fabccabb230b8e9ff55d76f https://git.kernel.org/stable/c/826120c9ba68f2d0dbae58e99013929c883d1444 https://git.kernel.org/stable/c/0d30931f1fa0fb893fb7d5dc32b6b7edfb775be4 https://git.kernel.org/stable/c/53c468008a7c9ca3f5fc985951f35ec2acae85bc https://git.kernel.org/stable/c/8ab67da060157362b2e0926692c659808784708f https://git.kernel.org/stable/c/6411959c10fe917288cbb1038886999148560057 https://access.redhat.com/security/cve/CVE-2023-52878 https://bugzilla.redhat.com/show_bug.cgi?id=2282680 • CWE-125: Out-of-bounds Read •

CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on failure. When port->partner is an error, a NULL pointer dereference may occur as shown below. [91222.095236][ T319] typec port0: failed to register partner (-17) ... [91225.061491][ T319] Unable to handle kernel NULL pointer dereference at virtual address 000000000000039f [91225.274642][ T319] pc : tcpm_pd_data_request+0x310/0x13fc [91225.274646][ T319] lr : tcpm_pd_data_request+0x298/0x13fc [91225.308067][ T319] Call trace: [91225.308070][ T319] tcpm_pd_data_request+0x310/0x13fc [91225.308073][ T319] tcpm_pd_rx_handler+0x100/0x9e8 [91225.355900][ T319] kthread_worker_fn+0x178/0x58c [91225.355902][ T319] kthread+0x150/0x200 [91225.355905][ T319] ret_from_fork+0x10/0x30 Add a check for port->partner to avoid dereferencing a NULL pointer. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: usb: typec: tcpm: corrige la desreferencia del puntero NULL en tcpm_pd_svdm(). Es posible que typec_register_partner() devuelva ERR_PTR en caso de fallo. Cuando port->partner es un error, puede ocurrir una desreferencia de puntero NULL como se muestra a continuación. [91222.095236][T319] typec port0: no se pudo registrar el socio (-17)... [91225.061491][T319] No se puede manejar la desreferencia del puntero NULL del kernel en la dirección virtual 000000000000039f [91225.274642][T319] pc: tcpm_pd_data_request+0x310 /0x13fc [91225.274646][ T319] lr: tcpm_pd_data_request+0x298/0x13fc [91225.308067][ T319] Rastreo de llamadas: [91225.308070][ T319] tcpm_pd_data_request+0x310/0x13fc 3][T319] tcpm_pd_rx_handler+0x100/0x9e8 [91225.355900][T319] kthread_worker_fn+0x178/0x58c [91225.355902][ T319] kthread+0x150/0x200 [91225.355905][ T319] ret_from_fork+0x10/0x30 Agregue una verificación de port->partner para evitar desreferenciar un puntero NULL. • https://git.kernel.org/stable/c/5e1d4c49fbc86dab6e005d66f066bd53c9479cde https://git.kernel.org/stable/c/e5f53a68a596e04df3fde3099273435a30b6fdac https://git.kernel.org/stable/c/e7a802447c491903aa7cb45967aa2a934a4e63fc https://git.kernel.org/stable/c/9ee038590d808a95d16adf92818dcd4752273c08 https://git.kernel.org/stable/c/b37a168c0137156042a0ca9626651b5a789e822b https://git.kernel.org/stable/c/4987daf86c152ff882d51572d154ad12e4ff3a4b https://access.redhat.com/security/cve/CVE-2023-52877 https://bugzilla.redhat.com/show_bug.cgi?id=2282712 • CWE-476: NULL Pointer Dereference •

CVSS: -EPSS: 0%CPEs: 7EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data Add the check for the return value of mtk_alloc_clk_data() in order to avoid NULL pointer dereference. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: mediatek: clk-mt7629-eth: Agregar verificación para mtk_alloc_clk_data. Agregue la verificación para el valor de retorno de mtk_alloc_clk_data() para evitar la desreferencia al puntero NULL. • https://git.kernel.org/stable/c/3b5e748615e714711220b2a95d19bd25a037db09 https://git.kernel.org/stable/c/cfa68e0ac5dcde43577adadf6f0f26f3b365ad68 https://git.kernel.org/stable/c/96e9544a0c4faca616b3f9f4034dcd83a14e7f22 https://git.kernel.org/stable/c/c4070ada5d5155c8d4d17ea64bd246949889f25b https://git.kernel.org/stable/c/a540ca0aeae83c2f3964bcb4e383f64ce2ec1783 https://git.kernel.org/stable/c/b20cfe007a46f8c165d42a05c50a8d3d893e6592 https://git.kernel.org/stable/c/1639072f6260babd017556e9f236ca2ad589d1e7 https://git.kernel.org/stable/c/0884393c63cc9a1772f7121a6645ba7bd •