Vulnerabilities > Incorrect Calculation of Buffer Size
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-19 | CVE-2017-13315 | Incorrect Calculation of Buffer Size vulnerability in Google Android In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. | 7.8 |
2024-09-13 | CVE-2024-46684 | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: binfmt_elf_fdpic: fix AUXV size calculation when ELF_HWCAP2 is defined create_elf_fdpic_tables() does not correctly account the space for the AUX vector when an architecture has ELF_HWCAP2 defined. | 5.5 |
2024-08-21 | CVE-2022-48889 | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof-nau8825: fix module alias overflow The maximum name length for a platform_device_id entry is 20 characters including the trailing NUL byte. | 5.5 |
2024-08-17 | CVE-2024-43843 | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix out-of-bounds issue when preparing trampoline image We get the size of the trampoline image during the dry run phase and allocate memory based on that size. | 7.8 |
2024-08-14 | CVE-2024-42259 | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Fix Virtual Memory mapping boundaries calculation Calculating the size of the mapped area as the lesser value between the requested size and the actual size does not consider the partial mapping offset. | 5.5 |
2024-02-27 | CVE-2021-46943 | Incorrect Calculation of Buffer Size vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix set_fmt error handling If there in an error during a set_fmt, do not overwrite the previous sizes with the invalid config. Without this patch, v4l2-compliance ends up allocating 4GiB of RAM and causing the following OOPs [ 38.662975] ipu3-imgu 0000:00:05.0: swiotlb buffer is full (sz: 4096 bytes) [ 38.662980] DMA: Out of SW-IOMMU space for 4096 bytes at device 0000:00:05.0 [ 38.663010] general protection fault: 0000 [#1] PREEMPT SMP | 7.8 |
2024-02-02 | CVE-2023-6387 | Incorrect Calculation of Buffer Size vulnerability in Silabs Gecko Software Development KIT A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution | 7.5 |
2023-11-08 | CVE-2023-5941 | Incorrect Calculation of Buffer Size vulnerability in Freebsd In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. | 9.8 |
2023-10-15 | CVE-2023-45871 | Incorrect Calculation of Buffer Size vulnerability in multiple products An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. | 7.5 |
2023-10-13 | CVE-2023-4257 | Incorrect Calculation of Buffer Size vulnerability in Zephyrproject Zephyr Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows. | 9.8 |