ROOT-OS-UBUNTU-2204-CVE-2026-23298 CVE-2026-23298 in rootio-linux - Patched by Root

Root has patched CVE-2026-23298 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-UBUNTU-2404-CVE-2026-23298 CVE-2026-23298 in rootio-linux - Patched by Root

Root has patched CVE-2026-23298 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2026-23298 CVE-2026-23298 in rootio-linux - Patched by Root

Root has patched CVE-2026-23298 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

ROOT-OS-DEBIAN-11-CVE-2026-23298 CVE-2026-23298 in rootio-linux - Patched by Root

Root has patched CVE-2026-23298 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

CVE-2026-23298

creationtimestamp| type| source ---|---|--- 2026-03-29 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0376/ 2026-05-05 20:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities20260506 2026-05-31 20:00:00+00:00| seen|...

CVE-2026-23298

In the Linux kernel, the following vulnerability has been resolved: can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop for forever in ucanreadbulkcallback, hanging the system. If the lengt...

Linux Distros Unpatched Vulnerability : CVE-2026-23298

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - can: ucan: Fix infinite loop from zero-length messages If a broken ucan device gets a message with the message length field set to 0, then the driver will loop...

CVE-2025-23298

creationtimestamp| type| source ---|---|--- 2025-09-24 14:41:25+00:00| seen| https://www.thezdi.com/blog/2025/9/23/cve-2025-23298-getting-remote-code-execution-in-nvidia-merlin 2025-09-24 16:52:28+00:00| seen| https://infosec.exchange/users/thezdi/statuses/115260309377365805...

CVE-2024-23298

A logic issue was addressed with improved state management. This issue is fixed in Xcode 15.3. An app may bypass Gatekeeper checks...

CVE-2023-23298

The Toybox.Graphics.BufferedBitmap.initialize API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters...

Exploit for CVE-2024-23298

PoC for CVE...

CVE-2024-23298

A logic issue was addressed with improved state management. This issue is fixed in Xcode 15.3. An app may bypass Gatekeeper checks...

CVE-2024-23298

A logic issue was addressed with improved state management. This issue is fixed in Xcode 15.3. An app may bypass Gatekeeper checks...

CVE-2024-23298

CVE-2024-23298 affects Apple Xcode (prior to version 15.3). The issue is described as a logic problem in state management that enables Gatekeeper bypass. Multiple connected sources corroborate a local/remote-leaning impact tied to Gatekeeper checks being bypassed, with Apple noting the fix in Xco...

CVE-2024-23298

A logic issue was addressed with improved state management. This issue is fixed in Xcode 15.3. An app may bypass Gatekeeper checks...

About the security content of Xcode 15.3

About the security content of Xcode 15.3 This document describes the security content of Xcode 15.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available...

CVE-2023-23298

creationtimestamp| type| source ---|---|--- 2023-05-24 00:37:22+00:00| seen| https://t.me/cibsecurity/64649...

CVE-2023-23298

The Toybox.Graphics.BufferedBitmap.initialize API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters...

CVE-2023-23298

The Toybox.Graphics.BufferedBitmap.initialize API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters...

CVE-2023-23298

The CVE-2023-23298 issue affects Garmin CIQ API: Toybox.Graphics.BufferedBitmap.initialize at CIQ API versions 2.3.0 through 4.1.7. Root cause is lack of parameter validation that can trigger integer overflows during bitmap buffer allocation, potentially allowing malicious input to hijack firmwar...