2586 matches found
PYSEC-2025-145
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...
CVE-2025-1975
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...
CVE-2025-1975
Ollama server (version 0.5.11) is affected by CVE-2025-1975. The root cause is improper validation of array index access when downloading a model via the /api/pull endpoint, allowing a malicious user to trigger a DoS and cause a server crash. The vulnerability is documented with CVSSv3 base score...
CVE-2025-1975 Improper Validation of Array Index in ollama/ollama
A vulnerability in the Ollama server version 0.5.11 allows a malicious user to cause a Denial of Service DoS attack by customizing the manifest content and spoofing a service. This is due to improper validation of array index access when downloading a model via the /api/pull endpoint, which can...
Ollama 输入验证错误漏洞
Ollama is a large language model that can be started and run locally from the Ollama open source. An input validation error vulnerability exists in Ollama version 0.5.11, which stems from insufficient validation of array index access and could lead to a denial of service attack...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
kernel: gpio: prevent potential speculation leaks in gpio_device_get_desc()
In the Linux kernel, the following vulnerability has been resolved: gpio: prevent potential speculation leaks in gpiodevicegetdesc Userspace may trigger a speculative read of an address outside the gpio descriptor array. Users can do that by calling gpioioctl with an offset out of range. Offset i...
kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions
In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...
LibreOffice Improper Validation of Array Index vulnerability (May 2025) - Linux
LibreOffice is prone to an improper validation of array index vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-45578 Improper Validation of Array Index in Camera Driver
Memory corruption while acquire and update IOCTLs during IFE output resource ID validation...
CVE-2024-45578 Improper Validation of Array Index in Camera Driver
Memory corruption while acquire and update IOCTLs during IFE output resource ID validation...
CVE-2024-45576 Improper Validation of Array Index in Camera Driver
Memory corruption while prociesing command buffer buffer in OPE module...
CVE-2024-45574 Improper Validation of Array Index in Camera Driver
Memory corruption during array access in Camera kernel due to invalid index from invalid command data...
CVE-2024-45574 Improper Validation of Array Index in Camera Driver
Memory corruption during array access in Camera kernel due to invalid index from invalid command data...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-39728)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-39728 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in...
CVE-2023-53112
In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix maxsubslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae "drm/i915/sseu: Don't try to store EU mask internally in UAPI format" exposed a potential out-of-bounds access, reported by UBSAN ...
CVE-2023-53112
CVE-2023-53112 affects the Linux kernel DRM/I915 SSEU path. The root cause is an out-of-bounds access in intel_sseu_info_init/gen11_compute_sseu_info where gen11_sseu_info_init() could set 8 sub-slices while eu_mask->hsw is limited to 6, leading to index-out-of-bounds in a UBSAN report. The fi...
CVE-2025-37739 f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid out-of-bounds access in f2fstruncateinodeblocks syzbot reports an UBSAN issue as below: ------------ cut here ------------ UBSAN: array-index-out-of-bounds in fs/f2fs/node.h:381:10 index 18446744073709550692 is...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an array index out-of-bounds, which could lead to out-of-bounds memory accesses...
CVE-2025-39728
In the Linux kernel, the following vulnerability has been resolved: clk: samsung: Fix UBSAN panic in samsungclkinit With UBSANARRAYBOUNDS=y, I'm hitting the below panic due to dereferencing ctx-clkdata.hws before setting ctx-clkdata.num = nrclks. Move that up to fix the crash. UBSAN: array index...