Vulnerabilities > Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-21 | CVE-2024-49869 | Classic Buffer Overflow vulnerability in Linux Kernel 6.11 In the Linux kernel, the following vulnerability has been resolved: btrfs: send: fix buffer overflow detection when copying path to cache entry Starting with commit c0247d289e73 ("btrfs: send: annotate struct name_cache_entry with __counted_by()") we annotated the variable length array "name" from the name_cache_entry structure with __counted_by() to improve overflow detection. | 7.8 |
| 2024-10-21 | CVE-2024-49996 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: cifs: Fix buffer overflow when parsing NFS reparse points ReparseDataLength is sum of the InodeType size and DataBuffer size. So to get DataBuffer size it is needed to subtract InodeType's size from ReparseDataLength. Function cifs_strndup_from_utf16() is currentlly accessing buf->DataBuffer at position after the end of the buffer because it does not subtract InodeType size from the length. | 7.8 |
| 2024-10-21 | CVE-2024-47751 | Classic Buffer Overflow vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port() Within kirin_pcie_parse_port(), the pcie->num_slots is compared to pcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead to an overflow. Thus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move pcie->num_slots increment below the if-statement to avoid out-of-bounds array access. Found by Linux Verification Center (linuxtesting.org) with SVACE. [kwilczynski: commit log] | 7.8 |
| 2024-10-13 | CVE-2024-9915 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability classified as critical was found in D-Link DIR-619L B1 2.06. | 8.8 |
| 2024-10-13 | CVE-2024-9913 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability was found in D-Link DIR-619L B1 2.06. | 8.8 |
| 2024-10-13 | CVE-2024-9914 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability classified as critical has been found in D-Link DIR-619L B1 2.06. | 8.8 |
| 2024-10-13 | CVE-2024-9912 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability was found in D-Link DIR-619L B1 2.06. | 8.8 |
| 2024-10-13 | CVE-2024-9911 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability was found in D-Link DIR-619L B1 2.06. | 8.8 |
| 2024-10-13 | CVE-2024-9910 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability was found in D-Link DIR-619L B1 2.06 and classified as critical. | 8.8 |
| 2024-10-13 | CVE-2024-9909 | Classic Buffer Overflow vulnerability in Dlink Dir-619L Firmware 2.06B1 A vulnerability has been found in D-Link DIR-619L B1 2.06 and classified as critical. | 8.8 |