Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates in the tracing module that triggers a warning in bitmapparseuser when a large count value is supplied and there ...

PT-2025-39344

Name of the Vulnerable Software and Affected Versions GIMP affected versions not specified Description An integer overflow exists in the WBMP file parsing functionality of GIMP. This issue could allow for remote code execution. Recommendations At the moment, there is no information about a newer...

CVE-2024-56686

In the Linux kernel, the following vulnerability has been resolved: ext4: fix race in bufferhead read fault injection When I enabled ext4 debug for fault injection testing, I encountered the following warning: EXT4-fs error device sda: ext4readinodebitmap:201: comm fsstress: Cannot read inode...

Security update for poppler

This update for poppler fixes the following issues: CVE-2024-56378: Fixed out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

CVE-2024-56686

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2024-56686

...

PT-2024-36995 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a race condition in the ext4 file system's buffer head read fault injection. This occurs because the completion of buffer head read and the buffer head fault...

Security update for poppler

This update for poppler fixes the following issues: CVE-2024-56378: Fixed out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc bsc1234795 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

SUSE CVE-2024-56378

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

DEBIAN-CVE-2024-56378

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

CVE-2024-56378

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

SUSE CVE-2024-53141

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmapipuadt When tbIPSETATTRIPTO is not present but tbIPSETATTRCIDR exists, the values of ip and ipto are slightly swapped. Therefore, the range check for ip should be done later, but...

CVE-2024-53141

CVE-2024-53141 affects the Linux kernel netfilter ipset bitmap_ip_uadt logic. When tb[IPSET_ATTR_IP_TO] is absent but tb[IPSET_ATTR_CIDR] is present, the ip and ip_to values can be swapped, causing a missing range check for ip. The fix adds the missing range checks and removes unnecessary ones. C...

kernel: ext4: regenerate buddy after block freeing failed if under fc replay

A flaw was found in the Linux kernel's ext4 filesystem related to the fast commit replay process. During this process, blocks that are already marked as free can be incorrectly marked as free again, leading to the corruption of the buddy bitmap, which is used to track free and allocated blocks...

Tungsten Automation Power PDF 缓冲区错误漏洞

Tungsten Automation Power PDF Kofax Power PDF is a powerful PDF processing software from Tungsten Automation. Tungsten Automation Power PDF suffers from a buffer error vulnerability that stems from the parsing of BMP files containing an out-of-bounds write issue. An attacker exploiting this...

The vulnerability of the md/md-bitmap components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the md/md-bitmap components in the Linux operating system is related to resource management errors. Exploiting this vulnerability can allow an attacker to cause service failures...

PT-2025-3623

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue concerns the Linux kernel's wifi functionality, specifically the cfg80211 module. During link deletion, the link ID is removed from the valid links bitmap before cleanup...

USN-7112-1 libgd2 vulnerability

It was discovered that the GD Graphics Library did not perform proper bounds checking while handling BMP and WebP files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service application crash...

PT-2024-10022

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.19.325, 6.11.11, and 6.12.2 Description The issue is related to a missing range check in the bitmap ip uadt function within the Linux kernel's netfilter module. This occurs when tbIPSET ATTR IP TO is not presen...

kernel: ext4: avoid allocating blocks from corrupted group in ext4_mb_find_by_goal()

A vulnerability was found in the ext4mbfindbygoal function in the Linux kernel. This issue could lead to memory corruption or crashes due to the allocation of blocks from a group with a corrupted block bitmap...