CVE-2024-35418
https://notcve.org/view.php?id=CVE-2024-35418
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. • https://gist.github.com/haruki3hhh/29237c52bd0cc30e3cc906f0af221b09 https://github.com/kanaka/wac/issues/19 •
CVE-2024-35419
https://notcve.org/view.php?id=CVE-2024-35419
This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. • https://gist.github.com/haruki3hhh/8b9e1922083abef33a9024017eb2b9fe https://github.com/kanaka/wac/issues/18 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVE-2024-47072 – XStream is vulnerable to a Denial of Service attack due to stack overflow from a manipulated binary input stream
https://notcve.org/view.php?id=CVE-2024-47072
This vulnerability may allow a remote attacker to terminate the application with a stack overflow error resulting in a denial of service only by manipulating the processed input stream when XStream is configured to use the BinaryStreamDriver. • https://github.com/x-stream/xstream/commit/bb838ce2269cac47433e31c77b2b236466e9f266 https://github.com/x-stream/xstream/security/advisories/GHSA-hfq9-hggm-c56q https://x-stream.github.io/CVE-2024-47072.html • CWE-121: Stack-based Buffer Overflow CWE-502: Deserialization of Untrusted Data •
CVE-2024-50163 – bpf: Make sure internal and UAPI bpf_redirect flags don't overlap
https://notcve.org/view.php?id=CVE-2024-50163
However, different code paths using identically-numbered flag values in the same struct field still seems like a bit of a mess, so this patch cleans that up by moving the flag definitions together and redefining the three flags in BPF_F_REDIRECT_INTERNAL to not overlap with the flags used for XDP. ... In the Linux kernel, the following vulnerability has been resolved: bpf: Make sure internal and UAPI bpf_redirect flags don't overlap. The bpf_redirect_info is shared between the SKB and XDP redirect paths, and the two paths use the same numeric flag values in the ri->flags field (specifically, BPF_F_BROADCAST == BPF_F_NEXTHOP). • https://git.kernel.org/stable/c/e624d4ed4aa8cc3c69d1359b0aaea539203ed266 https://git.kernel.org/stable/c/4e1e428533845d48828bd3875c0e92e8565b9962 https://git.kernel.org/stable/c/314dbee9fe4f5cee36435465de52c988d7caa466 https://git.kernel.org/stable/c/0fca5ed4be8e8bfbfb9bd97845af596bab7192d3 https://git.kernel.org/stable/c/cec288e05ceac9a0d3a3a1fd279534b11844c826 https://git.kernel.org/stable/c/09d88791c7cd888d5195c84733caf9183dcfbd16 •
CVE-2024-50159 – firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup()
https://notcve.org/view.php?id=CVE-2024-50159
In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() Clang static checker (scan-build) throws below warning: | drivers/firmware/arm_scmi/driver.c:line 2915, column 2 | Attempt to free released memory. When devm_add_action_or_reset() fails, scmi_debugfs_common_cleanup() will run twice which causes double free of 'dbg->name'. Remove the redundant scmi_debugfs_common_cleanup() to fix this problem. • https://git.kernel.org/stable/c/c3d4aed763ce4a39f8ed36c7b7cd9a6a35971329 https://git.kernel.org/stable/c/6d91d07913aee90556362d648d6a28a1eda419dc https://git.kernel.org/stable/c/fb324fdaf546bf14bc4c17e0037bca6cb952b121 https://git.kernel.org/stable/c/39b13dce1a91cdfc3bec9238f9e89094551bd428 •