10 matches found
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The COMEDIINSNLIST ioctl function allocates a kernel buffer to hold the array of struct comediinsn. The size of this array is determined from the ninsns member of the struc...
CVE-2026-22264
Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...
CVE-2026-22264 Suricata detect/alert: heap-use-after-free on alert queue expansion
Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...
CVE-2025-64076
Multiple vulnerabilities exist in cbor2 through version 5.7.0 in the decodedefinitelongstring function of the C extension decoder source/decoder.c: 1 Integer Underflow Leading to Out-of-Bounds Read CWE-191, CWE-125: An incorrect variable reference and missing state reset in the chunk processing...
CVE-2023-53727 net/sched: fq_pie: avoid stalls in fq_pie_timer()
In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 65536, fqpietimer is currently using too much time as syzbot reported. Add logic to yield the cpu every 2048 flows less than 150 usec on...
CVE-2023-53272
In the Linux kernel, the following vulnerability has been resolved: net: ena: fix shift-out-of-bounds in exponential backoff The ENA adapters on our instances occasionally reset. Once recently logged a UBSAN failure to console in the process: UBSAN: shift-out-of-bounds in...
Linux Distros Unpatched Vulnerability : CVE-2025-38481
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct...
UBUNTU-CVE-2022-49006
In the Linux kernel, the following vulnerability has been resolved: tracing: Free buffers when a used dynamic event is removed After 65536 dynamic events have been added and removed, the "type" field of the event then uses the first type number that is available not currently used by other events...
SUSE CVE-2024-26675
In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...
shadow.root.uid.65536.txt
Date: Mon, 24 May 1999 20:44:28 +0200 From: Lord Evil To: [email protected] Subject: UID 65536 and shadow-19990307 Recently one of our admins installed the shadow-19990307 package. While playing around I noticed that if a new user is created with UID 65536, he will become root upon login. No...