Количество 24
Количество 24
CVE-2024-49996
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev().
CVE-2024-49996
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev().
CVE-2024-49996
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev().
CVE-2024-49996
cifs: Fix buffer overflow when parsing NFS reparse points
CVE-2024-49996
In the Linux kernel, the following vulnerability has been resolved: c ...
GHSA-276c-3gx4-x9pr
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev().
BDU:2025-04553
Уязвимость функции cifs_strndup_from_utf16() модуля /fs/smb/client/reparse.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
ROS-20250317-01
Множественные уязвимости kernel-lt
SUSE-SU-2025:03272-1
Security update for the Linux Kernel
SUSE-SU-2025:03301-1
Security update for the Linux Kernel
SUSE-SU-2025:03382-1
Security update for the Linux Kernel
SUSE-SU-2025:03290-1
Security update for the Linux Kernel
ELSA-2025-20100
ELSA-2025-20100: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2025:0034-1
Security update for the Linux Kernel
SUSE-SU-2024:4100-1
Security update for the Linux Kernel
ELSA-2025-20095
ELSA-2025-20095: Unbreakable Enterprise kernel security update (IMPORTANT)
SUSE-SU-2024:3983-1
Security update for the Linux Kernel
SUSE-SU-2024:3985-1
Security update for the Linux Kernel
SUSE-SU-2025:03011-1
Security update for the Linux Kernel
SUSE-SU-2024:3986-1
Security update for the Linux Kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-49996 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev(). | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-49996 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev(). | CVSS3: 6.7 | 0% Низкий | около 1 года назад |
 | CVE-2024-49996 In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev(). | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | CVE-2024-49996 cifs: Fix buffer overflow when parsing NFS reparse points | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| CVE-2024-49996 In the Linux kernel, the following vulnerability has been resolved: c ... | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
| GHSA-276c-3gx4-x9pr In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. Fix this problem and correctly subtract variable len. Member InodeType is present only when reparse buffer is large enough. Check for ReparseDataLength before accessing InodeType to prevent another invalid memory access. Major and minor rdev values are present also only when reparse buffer is large enough. Check for reparse buffer size before calling reparse_mkdev(). | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | BDU:2025-04553 Уязвимость функции cifs_strndup_from_utf16() модуля /fs/smb/client/reparse.c ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации | CVSS3: 7.8 | 0% Низкий | около 1 года назад |
 | ROS-20250317-01 Множественные уязвимости kernel-lt | CVSS3: 8.8 | 8 месяцев назад | |
 | SUSE-SU-2025:03272-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:03301-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:03382-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| SUSE-SU-2025:03290-1 Security update for the Linux Kernel | около 2 месяцев назад | ||
| ELSA-2025-20100 ELSA-2025-20100: Unbreakable Enterprise kernel security update (IMPORTANT) | 9 месяцев назад | ||
| SUSE-SU-2025:0034-1 Security update for the Linux Kernel | 10 месяцев назад | ||
| SUSE-SU-2024:4100-1 Security update for the Linux Kernel | 12 месяцев назад | ||
| ELSA-2025-20095 ELSA-2025-20095: Unbreakable Enterprise kernel security update (IMPORTANT) | 9 месяцев назад | ||
| SUSE-SU-2024:3983-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2024:3985-1 Security update for the Linux Kernel | около 1 года назад | ||
| SUSE-SU-2025:03011-1 Security update for the Linux Kernel | 3 месяца назад | ||
| SUSE-SU-2024:3986-1 Security update for the Linux Kernel | около 1 года назад |
Уязвимостей на страницу