The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 failed to check the size of the output buffer of the caller which could lead to data corruption on the host (Cortex-M4) application
Memory corruption can occur during context user dumps due to inadequate checks on buffer length.
Memory corruption due to global buffer overflow when a test command uses an invalid payload type.
Memory corruption while handling buffer mapping operations in the cryptographic driver.
In the Linux kernel, the following vulnerability has been resolved:
media: iris: Add missing platform data entries for SM8750
Two platform-data fields for SM8750 were missed:
- get_vpu_buffer_siz
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the `virtio_snd_pcm_in_cb` function did not check whether the iov could fit the data buffer, potentially lea
A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can
Memory Corruption when accessing buffers with invalid length during TA invocation.
In the Linux kernel, the following vulnerability has been resolved:
ALSA: ymfpci: Fix BUG_ON in probe function
The snd_dma_buffer.bytes field now contains the aligned size, which this
snd_BUG_ON() d
Memory corruption while performing SCM call with malformed inputs.
Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation.
In BootROM, there is a missing size check for RSA keys in Certificate Type 0 validation. This could lead to memory buffer overflow without requiring additional execution privileges.
Memory corruption while allocating buffers in DSP service.
Memory Corruption when a corrupted ELF image with an oversized file size is read into a buffer without authentication.
In FDL1, there is a possible missing payload size check. This could lead to memory buffer overflow without requiring additional execution privileges.
Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing.
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality.
Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.
In the Linux kernel, the following vulnerability has been resolved:
cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()
cxl_payload_from_user_allowed() casts
Page 1+ Next →