Page 338 of 3944 results (0.061 seconds)

CVSS: -EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: riscv: Check if the code to patch lies in the exit section Otherwise we fall through to vmalloc_to_page() which panics since the address does not lie in the vmalloc region. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: riscv: compruebe si el código a parchear se encuentra en la sección de salida. De lo contrario, caeremos en vmalloc_to_page(), lo que entra en pánico ya que la dirección no se encuentra en la región vmalloc. • https://git.kernel.org/stable/c/043cb41a85de1c0e944da61ad7a264960e22c865 https://git.kernel.org/stable/c/938f70d14618ec72e10d6fcf8a546134136d7c13 https://git.kernel.org/stable/c/890cfe5337e0aaf03ece1429db04d23c88da72e7 https://git.kernel.org/stable/c/8db56df4a954b774bdc68917046a685a9fa2e4bc https://git.kernel.org/stable/c/1d7a03052846f34d624d0ab41a879adf5e85c85f https://git.kernel.org/stable/c/420370f3ae3d3b883813fd3051a38805160b2b9f •

CVSS: -EPSS: 0%CPEs: 3EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The arithmetic implies adding together a 64-bit register with a int offset. The register was checked to be below 1<<29 when it was variable, but not when it was fixed. The offset either comes from an instruction (in which case it is 16 bit), from another register (in which case the caller checked it to be below 1<<29 [1]), or from the size of an argument to a kfunc (in which case it can be a u32 [2]). Between the register being inconsistently checked to be below 1<<29, and the offset being up to an u32, it appears that we were open to overflowing the `int`s which were currently used for arithmetic. [1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498 [2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904 En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: bpf: Proteger los límites de la pila contra el desbordamiento de 32 bits. • https://git.kernel.org/stable/c/ad140fc856f0b1d5e2215bcb6d0cc247a86805a2 https://git.kernel.org/stable/c/e5ad9ecb84405637df82732ee02ad741a5f782a6 https://git.kernel.org/stable/c/1d38a9ee81570c4bd61f557832dead4d6f816760 •

CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memory which can be NULL upon failure. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: powerpc/imc-pmu: agregue una verificación de puntero null en update_events_in_group() kasprintf() devuelve un puntero a la memoria asignada dinámicamente que puede ser NULL en caso de fallo. • https://git.kernel.org/stable/c/885dcd709ba9120b9935415b8b0f9d1b94e5826b https://git.kernel.org/stable/c/75fc599bcdcb1de093c9ced2e3cccc832f3787f3 https://git.kernel.org/stable/c/1e80aa25d186a7aa212df5acd8c75f55ac8dae34 https://git.kernel.org/stable/c/5a669f3511d273c8c1ab1c1d268fbcdf53fc7a05 https://git.kernel.org/stable/c/f105c263009839d80fad6998324a4e1b3511cba0 https://git.kernel.org/stable/c/a2da3f9b1a1019c887ee1d164475a8fcdb0a3fec https://git.kernel.org/stable/c/024352f7928b28f53609660663329d8c0f4ad032 https://git.kernel.org/stable/c/c7d828e12b326ea50fb80c369d7aa8751 •

CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and SCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outside scarlett2_mixer_values[]. En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ALSA: scarlett2: Add clamp() en scarlett2_mixer_ctl_put() Asegúrese de que el valor pasado a scarlett2_mixer_ctl_put() esté entre 0 y SCARLETT2_MIXER_MAX_VALUE para que no intentemos acceder fuera de scarlett2_mixer_values[]. • https://git.kernel.org/stable/c/9e4d5c1be21f0c00e747e92186784f3298309b3e https://git.kernel.org/stable/c/e517645ead5ea22c69d2a44694baa23fe1ce7c2b https://git.kernel.org/stable/c/d8d8897d65061cbe36bf2909057338303a904810 https://git.kernel.org/stable/c/03035872e17897ba89866940bbc9cefca601e572 https://git.kernel.org/stable/c/ad945ea8d47dd4454c271510bea24850119847c2 https://git.kernel.org/stable/c/04f8f053252b86c7583895c962d66747ecdc61b7 •

CVSS: -EPSS: 0%CPEs: 6EXPL: 0

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel using kexec which results in kernel panic. Thus clear the BM pool registers before initialisation to fix the issue. En el kernel de Linux, se resolvió la siguiente vulnerabilidad: net: mvpp2: borre el grupo de BM antes de la inicialización. El valor del registro persiste después de iniciar el kernel usando kexec, lo que genera pánico en el kernel. Por lo tanto, borre los registros del grupo BM antes de la inicialización para solucionar el problema. • https://git.kernel.org/stable/c/3f518509dedc99f0b755d2ce68d24f610e3a005a https://git.kernel.org/stable/c/83f99138bf3b396f761600ab488054396fb5768f https://git.kernel.org/stable/c/af47faa6d3328406038b731794e7cf508c71affa https://git.kernel.org/stable/c/cec65f09c47d8c2d67f2bcad6cf05c490628d1ec https://git.kernel.org/stable/c/938729484cfa535e9987ed0f86f29a2ae3a8188b https://git.kernel.org/stable/c/dc77f6ab5c3759df60ff87ed24f4d45df0f3b4c4 https://git.kernel.org/stable/c/9f538b415db862e74b8c5d3abbccfc1b2b6caa38 https://lists.debian.org/debian-lts-announce/2024/06/ •