CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2023-52486 – drm: Don't unref the same fb many times by mistake due to deadlock handling
https://notcve.org/view.php?id=CVE-2023-52486
29 Feb 2024 — Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. • https://git.kernel.org/stable/c/376e21a9e4c2c63ee5d8d3aa74be5082c3882229 • CWE-833: Deadlock •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-46951 – tpm: efi: Use local variable for calculating final log size
https://notcve.org/view.php?id=CVE-2021-46951
27 Feb 2024 — Use a local variable to avoid this integer underflow. ... Use a local variable to avoid this integer underflow. • https://git.kernel.org/stable/c/166a2809d65b282272c474835ec22c882a39ca1b • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-46940 – tools/power turbostat: Fix offset overflow issue in index converting
https://notcve.org/view.php?id=CVE-2021-46940
27 Feb 2024 — In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idx_to_offset() function returns type int (32-bit signed), but MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number. The end result is that it hits the if (offset < 0) check in update_msr_sum() which prevents the timer callback from updating the stat in the background when long durations are used. The similar issue exists in offset_to_idx() and upda... • https://git.kernel.org/stable/c/9972d5d84d76982606806b2ce887f70c2f8ba60a • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21825
https://notcve.org/view.php?id=CVE-2024-21825
26 Feb 2024 — A heap-based buffer overflow vulnerability exists in the GGUF library GGUF_TYPE_ARRAY/GGUF_TYPE_STRING parsing functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la librería GGUF GGUF_TYPE_ARRAY/GGUF_TYPE_STRING funcionalidad de análisis de llama.cpp Confirmación 18c2e17. Un archivo .gguf especialmente ma... • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1912 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23496
https://notcve.org/view.php?id=CVE-2024-23496
26 Feb 2024 — A heap-based buffer overflow vulnerability exists in the GGUF library gguf_fread_str functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad gguf_fread_str de la librería GGUF de llama.cpp Commit 18c2e17. Un archivo .gguf especialmente manipulado puede provocar la ejecución de código. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1913 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-21836
https://notcve.org/view.php?id=CVE-2024-21836
26 Feb 2024 — A heap-based buffer overflow vulnerability exists in the GGUF library header.n_tensors functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad header.n_tensors de la librería GGUF de llama.cpp Commit 18c2e17. Un archivo .gguf especialmente manipulado puede provocar la ejecución de código. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1915 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-23605
https://notcve.org/view.php?id=CVE-2024-23605
26 Feb 2024 — A heap-based buffer overflow vulnerability exists in the GGUF library header.n_kv functionality of llama.cpp Commit 18c2e17. A specially crafted .gguf file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. Existe una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico en la funcionalidad header.n_kv de la librería GGUF de llama.cpp Commit 18c2e17. Un archivo .gguf especialmente manipulado puede provocar la ejecución de código. • https://talosintelligence.com/vulnerability_reports/TALOS-2024-1916 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-24478
https://notcve.org/view.php?id=CVE-2024-24478
21 Feb 2024 — An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. Un problema en el equipo Wireshark Wireshark anterior a v.4.2.0 permite que un atacante remoto provoque una denegación de servicio a través de los componentes paquete-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_... • https://gist.github.com/1047524396/e82c55147cd3cb62ef20cbdb0ec83694 • CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2024-21812
https://notcve.org/view.php?id=CVE-2024-21812
20 Feb 2024 — An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2024-23313
https://notcve.org/view.php?id=CVE-2024-23313
20 Feb 2024 — An integer underflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW • CWE-191: Integer Underflow (Wrap or Wraparound) •