Vulnerabilities > Out-of-bounds Write
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-11 | CVE-2024-45026 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices Extent Space Efficient (ESE) or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasd_ese_needs_format function checks for error codes that signal the non existence of a proper track format. The check for incorrect length is to imprecise since other error cases leading to transport of insufficient data also have this flag set. This might lead to data corruption in certain error cases for example during a storage server warmstart. Fix by removing the check for incorrect length and replacing by explicitly checking for invalid track format in transport mode. Also remove the check for file protected since this is not a valid ESE handling case. | 7.8 |
| 2024-09-11 | CVE-2024-45030 | Out-of-bounds Write vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: igb: cope with large MAX_SKB_FRAGS Sabrina reports that the igb driver does not cope well with large MAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload corruption on TX. An easy reproducer is to run ssh to connect to the machine. | 5.5 |
| 2024-09-11 | CVE-2024-8636 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.137 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
| 2024-09-11 | CVE-2024-40658 | Out-of-bounds Write vulnerability in Google Android In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a heap buffer overflow. | 7.8 |
| 2024-09-10 | CVE-2024-8443 | Out-of-bounds Write vulnerability in multiple products A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. | 2.9 |
| 2024-09-09 | CVE-2024-27365 | Out-of-bounds Write vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. | 5.5 |
| 2024-09-09 | CVE-2024-27383 | Out-of-bounds Write vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. | 7.8 |
| 2024-09-09 | CVE-2024-27387 | Out-of-bounds Write vulnerability in Samsung products An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. | 7.8 |
| 2024-09-09 | CVE-2024-44375 | Out-of-bounds Write vulnerability in Dlink Di-8100 Firmware 16.07.26A1 D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. | 7.5 |
| 2024-09-05 | CVE-2024-32668 | Out-of-bounds Write vulnerability in Freebsd An insufficient boundary validation in the USB code could lead to an out-of-bounds write on the heap, with data controlled by the caller. A malicious, privileged software running in a guest VM can exploit the vulnerability to achieve code execution on the host in the bhyve userspace process, which typically runs as root. | 8.2 |