3 matches found
CVE-2026-45258
creationtimestamp| type| source ---|---|--- 2026-06-27 10:16:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpba5c52vm27...
CVE-2026-45258
dspmmapsingle validated the requested mapping by checking the sum of the user-supplied offset and length against the buffer size. This addition could overflow, so that a large offset and length wrapped around and passed the check. The offset was then narrowed from 64 to 32 bits when converted to ...
CVE-2026-45258
The CVE-2026-45258 issue affects FreeBSD sound(4) mmap support. dsp_mmap_single() overflows when validating the requested mapping because offset+length can wrap the size check, and the offset is reduced from 64 to 32 bits for the buffer address, allowing a mapping that extends past the audio buff...