Vulnerabilities > Integer Overflow or Wraparound
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-01 | CVE-2024-21470 | Integer Overflow or Wraparound vulnerability in Qualcomm products Memory corruption while allocating memory for graphics. | 7.8 |
| 2024-03-26 | CVE-2024-2212 | Integer Overflow or Wraparound vulnerability in Eclipse Threadx In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c) were missing parameter checks. | 7.8 |
| 2024-03-26 | CVE-2024-2452 | Integer Overflow or Wraparound vulnerability in Eclipse Threadx Netx DUO In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. | 9.8 |
| 2024-03-15 | CVE-2021-47109 | Integer Overflow or Wraparound vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: neighbour: allow NUD_NOARP entries to be forced GCed IFF_POINTOPOINT interfaces use NUD_NOARP entries for IPv6. | 5.5 |
| 2024-03-04 | CVE-2021-47098 | Integer Overflow or Wraparound vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: hwmon: (lm90) Prevent integer overflow/underflow in hysteresis calculations Commit b50aa49638c7 ("hwmon: (lm90) Prevent integer underflows of temperature calculations") addressed a number of underflow situations when writing temperature limits. | 7.8 |
| 2024-02-27 | CVE-2021-46940 | Integer Overflow or Wraparound vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idx_to_offset() function returns type int (32-bit signed), but MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number. The end result is that it hits the if (offset < 0) check in update_msr_sum() which prevents the timer callback from updating the stat in the background when long durations are used. | 5.5 |
| 2024-02-19 | CVE-2024-1633 | Integer Overflow or Wraparound vulnerability in Renesas Arm-Trusted-Firmware Rcargen32.5 During the secure boot, bl2 (the second stage of the bootloader) loops over images defined in the table “bl2_mem_params_descs”. For each image, the bl2 reads the image length and destination from the image’s certificate. Because of the way of reading from the image, which base on 32-bit unsigned integer value, it can result to an integer overflow. An attacker can bypass memory range restriction and write data out of buffer bounds, which could result in bypass of secure boot. Affected git version from c2f286820471ed276c57e603762bd831873e5a17 until (not | 2.0 |
| 2024-02-19 | CVE-2024-1580 | Integer Overflow or Wraparound vulnerability in multiple products An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. | 8.8 |
| 2024-02-05 | CVE-2024-24857 | Integer Overflow or Wraparound vulnerability in Linux Kernel A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. | 6.8 |
| 2024-02-05 | CVE-2024-20016 | Integer Overflow or Wraparound vulnerability in Google Android In ged, there is a possible out of bounds write due to an integer overflow. | 4.4 |