In the Linux kernel, the following vulnerability has been resolved:
hwmon: (tps53679) Fix array access with zero-length block read
i2c_smbus_read_block_data() can return 0, indicating a zero-length
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data()
Fix two bugs in pt5161l_read_block_data():
1. Buffer overrun: The local bu
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (pmbus/q54sj108a2) fix stack overflow in debugfs read
The q54sj108a2_debugfs_read function suffers from a stack buffer over
In the Linux kernel, the following vulnerability has been resolved:
eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
Commit effa453168a7 ("i2c: i801: Don't silently correct invalid transfer
si
In the Linux kernel, the following vulnerability has been resolved:
i2c: tegra: check msg length in SMBUS block read
For SMBUS block read, do not continue to read if the message length
passed from t
In the Linux kernel, the following vulnerability has been resolved:
iio: chemical: sps30_i2c: fix buffer size in sps30_i2c_read_meas()
sizeof(num) evaluates to sizeof(size_t) (8 bytes on 64-bit) ins
In the Linux kernel, the following vulnerability has been resolved:
ca8210: fix mac_len negative array access
This patch fixes a buffer overflow access of skb->data if
ieee802154_hdr_peek_addrs() fa
In the Linux kernel, the following vulnerability has been resolved:
scsi: sd: Fix off-by-one error in sd_read_block_characteristics()
Ff the device returns page 0xb1 with length 8 (happens with qemu
In the Linux kernel, the following vulnerability has been resolved:
smb: client: Add check for next_buffer in receive_encrypted_standard()
Add check for the return value of cifs_buf_get() and cifs_s
In the Linux kernel, the following vulnerability has been resolved:
smb/client: fix out-of-bounds read in smb2_compound_op()
If a server sends a truncated response but a large OutputBufferLength, an
In the Linux kernel, the following vulnerability has been resolved:
smb/client: fix out-of-bounds read in symlink_data()
Since smb2_check_message() returns success without length validation for
the
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (pmbus_core) Fix NULL pointer dereference
Pass i2c_client to _pmbus_is_enabled to drop the assumption
that a regulator devi
In the Linux kernel, the following vulnerability has been resolved:
i2c: s3c24xx: check the size of the SMBUS message before using it
The first byte of an i2c SMBUS message is the size, and it shoul
In the Linux kernel, the following vulnerability has been resolved:
HID: mcp2221: prevent a buffer overflow in mcp_smbus_write()
Smatch Warning:
drivers/hid/hid-mcp2221.c:388 mcp_smbus_write() error
In the Linux kernel, the following vulnerability has been resolved:
i2c: rtl9300: Fix out-of-bounds bug in rtl9300_i2c_smbus_xfer
The data->block[0] variable comes from user. Without proper check,
t
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()
If the 'buf' array received from the user contain
In the Linux kernel, the following vulnerability has been resolved:
hwmon: (ltc2991) re-order conditions to fix off by one bug
LTC2991_T_INT_CH_NR is 4. The st->temp_en[] array has LTC2991_MAX_CHAN
In the Linux kernel, the following vulnerability has been resolved:
tracing: ring-buffer: Fix to check event length before using
Check the event length before adding it for accessing next index in
r
In the Linux kernel, the following vulnerability has been resolved:
smb: client: fix off-by-8 bounds check in check_wsl_eas()
The bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA
na
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7996: Fix possible oob access in mt7996_mac_write_txwi_80211()
Check frame length before accessing the mgmt fields i
Page 1+ Next →