57 matches found
EUVD-2026-40246
A buffer overflow in the GetAttributeList function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service DoS via supplying a crafted Common Packet Format CPF packet...
CVE-2026-51221
A buffer overflow in the GetAttributeList function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service DoS via supplying a crafted Common Packet Format CPF packet...
CVE-2026-51221
A buffer overflow in the GetAttributeList function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service DoS via supplying a crafted Common Packet Format CPF packet...
PT-2026-53750
Name of the Vulnerable Software and Affected Versions EIPStackGroup OpENer commit 76b95c Description A buffer overflow occurs in the Get Attribute List function when processing a specially crafted Common Packet Format CPF packet, which is a standardized data structure used for communication. This...
CVE-2026-51221
CVE-2026-51221 describes a buffer overflow in the Get_Attribute_List() function of the EIPStackGroup OpENer project (commit 76b95c) that can cause a Denial of Service when processing a crafted CPF packet. Affected component is the OpENer EIP stack; the root cause is a buffer overflow in the Get_A...
CVE-2026-51221
A buffer overflow in the GetAttributeList function of EIPStackGroup OpENer commit 76b95c allows attackers to cause a Denial of Service DoS via supplying a crafted Common Packet Format CPF packet...
CVE-2026-45252
CVE-2026-45252 : In fusefs, when extended attributes are queried via FUSE_LISTXATTR, the kernel may call strlen() on a daemon-provided buffer without ensuring the list is fully NUL-terminated. If the list is not NUL-terminated, the fusefs kernel module may read past the end of a heap buffer and p...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed a NULL dereference bug. The issue arises when this function is called from ntfsloadattrlist. The value of “size” is calculated as le32tocpuattr-res.datasize. On 64-bit systems, this does not cause an overflow, but...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Enhanced sanity check during attribute list generation The nicreateattrlist function uses WARNON to catch error cases during attribute list generation. Currently, it only prints the stack trace, which may not be...
CLSA-2026-1779219098 grub2: Fix of CVE-2023-4692
CVE-2023-4692: fix OOB write when parsing NTFS $ATTRIBUTELIST entries...
fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
...
UBUNTU-CVE-2025-71267
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
CVE-2025-71267
CVE-2025-71267 : In the Linux kernel ntfs3 file system, a flaw in ATTR_LIST handling can cause an infinite loop and DoS during mount. Specifically, when ntfs_load_attr_list() processes a resident ATTR_LIST with data_size set to zero, memory is still allocated due to al_aligned(0), leaving ni->...
CVE-2025-71267 fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop triggered by zero-sized ATTRLIST We found an infinite loop bug in the ntfs3 file system that can lead to a Denial-of-Service DoS condition. A malformed NTFS image can cause an infinite loop when an...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000824)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000824 advisory. Multiple buffer underflows in the XFS implementation in the Linux kernel through 3.12.1 allow local users to cause a denial of service memory corruption or possibly...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002591)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002591 advisory. Multiple memory leaks in error paths in fs/xfs/xfsattrlist.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service memory consumption via...
CVE-2025-22832 Buffer Overflow in NTFS when parsing the ATTRIBUTE_LIST
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...
CVE-2025-22832 Buffer Overflow in NTFS when parsing the ATTRIBUTE_LIST
APTIOV contains a vulnerability in BIOS where an attacker may cause an Out-of-bounds Write by local. Successful exploitation of this vulnerability may lead to data corruption and loss of availability...
CVE-2025-22832
CVE-2025-22832 concerns a local, BIOS-level out-of-bounds write in AMI AptioV. The vulnerability affects AptioV BIOS (firmware) and is exploitable by a local attacker, with reported impacts including data corruption and loss of availability. The CVSS context indicates a local attack vector with l...
EUVD-2018-8246
Malware in sbrugna...