what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2023-52531

Status Candidate

Overview

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc()'ed for: sizeof(struct iwl_nvm_data) + sizeof(struct ieee80211_channel) + sizeof(struct ieee80211_rate) 'mvm->nvm_data' is a 'struct iwl_nvm_data', so it is fine. At the end of this structure, there is the 'channels' flex array. Each element is of type 'struct ieee80211_channel'. So only 1 element is allocated in this array. When doing: mvm->nvm_data->bands[0].channels = mvm->nvm_data->channels; We point at the first element of the 'channels' flex array. So this is fine. However, when doing: mvm->nvm_data->bands[0].bitrates = (void *)((u8 *)mvm->nvm_data->channels + 1); because of the "(u8 *)" cast, we add only 1 to the address of the beginning of the flex array. It is likely that we want point at the 'struct ieee80211_rate' allocated just after. Remove the spurious casting so that the pointer arithmetic works as expected.

Related Files

Ubuntu Security Notice USN-7121-3
Posted Nov 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | e3878773279c2cc7787becc280d79d35ca2a4f4d79b0fc182cbb738a521ca071
Ubuntu Security Notice USN-7121-2
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | 223942b47ef30b7d3a955f60c12af00a5f9088ad5192855d21ec724efb01c839
Ubuntu Security Notice USN-7121-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | a5d279642a2825e810ea4cd3f8cf90409d9d98c7800a435ae7b18ad49a98dac3
Ubuntu Security Notice USN-7119-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47188, CVE-2022-36402, CVE-2022-48863, CVE-2023-52531, CVE-2023-52614, CVE-2023-52918, CVE-2024-26607, CVE-2024-26640, CVE-2024-26641, CVE-2024-26668, CVE-2024-26669, CVE-2024-26677, CVE-2024-26885, CVE-2024-26960
SHA-256 | 0ac8232eca124498c64e1f39ff4a55d32797211ade5b92cbb09450e9c8fd78da
Ubuntu Security Notice USN-7088-4
Posted Nov 7, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7088-4 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47212, CVE-2022-36402, CVE-2023-52531, CVE-2023-52918, CVE-2024-26668, CVE-2024-26669, CVE-2024-26891, CVE-2024-27051, CVE-2024-38602, CVE-2024-40929, CVE-2024-41011, CVE-2024-41012, CVE-2024-41015, CVE-2024-41022
SHA-256 | d8177c3b5ff3c3d3fda97932c7f3da74d07c7efb90a9240a35307b994d06b627
Ubuntu Security Notice USN-7088-3
Posted Nov 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7088-3 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47212, CVE-2022-36402, CVE-2023-52531, CVE-2023-52614, CVE-2023-52918, CVE-2024-26640, CVE-2024-26641, CVE-2024-26668, CVE-2024-26891, CVE-2024-38602, CVE-2024-38611, CVE-2024-40929, CVE-2024-41012, CVE-2024-41015
SHA-256 | 07a058d393aeb3ca0e8521b79d58db34aa38d2a713a564c2cb964636e33b13cc
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    25 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close