Vulnerabilities > Improper Restriction of Operations within the Bounds of a Memory Buffer
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-05 | CVE-2024-36129 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opentelemetry Configgrpc, Confighttp and Opentelemetry Collector The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. | 7.5 |
| 2024-04-28 | CVE-2022-48655 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI drivers requests through the SCMI reset operations interface can potentially lead to out-of-bound violations if the SCMI driver misbehave. Add an internal consistency check before any such domains descriptors accesses. | 7.8 |
| 2024-04-24 | CVE-2024-27791 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products The issue was addressed with improved checks. | 7.1 |
| 2024-04-17 | CVE-2024-26883 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. | 7.8 |
| 2024-04-17 | CVE-2024-26884 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code relies on roundup_pow_of_two() to compute the number of hash buckets, and contains an overflow check by checking if the resulting value is 0. | 7.8 |
| 2024-04-17 | CVE-2024-26885 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAP_HASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of two of the max_entries value provided when creating the map. | 7.8 |
| 2024-04-06 | CVE-2024-3159 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. | 8.8 |
| 2024-02-23 | CVE-2023-52464 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bug in the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr': drivers/edac/thunderx_edac.c:1136:17: error: 'strncat' specified bound 1024 equals destination size [-Werror=stringop-overflow=] 1136 | strncat(msg, other, OCX_MESSAGE_SIZE); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ... 1145 | strncat(msg, other, OCX_MESSAGE_SIZE); ... 1150 | strncat(msg, other, OCX_MESSAGE_SIZE); ... Apparently the author of this driver expected strncat() to behave the way that strlcat() does, which uses the size of the destination buffer as its third argument rather than the length of the source buffer. | 7.8 |
| 2024-02-23 | CVE-2024-26599 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: pwm: Fix out-of-bounds access in of_pwm_single_xlate() With args->args_count == 2 args->args[2] is not defined. | 7.8 |
| 2024-02-22 | CVE-2023-52444 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid dirent corruption As Al reported in link[1]: f2fs_rename() ... if (old_dir != new_dir && !whiteout) f2fs_set_link(old_inode, old_dir_entry, old_dir_page, new_dir); else f2fs_put_page(old_dir_page, 0); You want correct inumber in the ".." link. | 7.8 |