94 matches found
UBUNTU-CVE-2026-46197
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the nattr field in the DRM/AMDKFD context, where no validation is performed for buffer size. This...
Improper Memory Buffer Handling
uuid is vulnerable to Improper Memory Buffer Handling. The vulnerability is due to missing validation of buffer size and offset values during UUID generation, which allows an attacker to trigger silent partial writes into caller-provided buffers...
CVE-2026-40614
A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a buffer overflow vulnerability when decoding Opus audio frames due to insufficient buffer size validation. This flaw allows for a heap buffer overflow, which may lead to arbitrary code execution or...
CVE-2026-40614 PJSIP: Heap buffer overflow in Opus codec decoding
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
CVE-2026-40614
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is a buffer overflow when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers decframe.buf were allocated based on a...
PT-2026-34044
Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.17 Description A heap buffer overflow occurs when decoding Opus audio frames due to insufficient buffer size validation in the Opus codec decode path. The FEC decode buffers dec frame.buf are allocated using a...
CVE-2026-21378
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver...
CVE-2026-21371
Memory Corruption when retrieving output buffer with insufficient size validation...
EUVD-2026-19325
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
EUVD-2025-209231
Cryptographic issue while copying data to a destination buffer without validating its size...
CVE-2026-21374
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation...
PT-2026-30645
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
PT-2026-30643
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing...
Qualcomm Chipsets 安全漏洞
Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, and these vulnerabilities stem from insufficient size validation during the retrieval of output buffers, which may lead to memory corruption...
CVE-2026-24677 FreeRDP has a heap-buffer-overflow in ecam_encoder_compress_h264
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.22.0, ecamencodercompressh264 trusts server-controlled dimensions and does not validate the source buffer size, leading to an out-of-bounds read in swsscale. This vulnerability is fixed in 3.22.0...
CLSA-2026-1769701814 gimp: Fix of 2 CVEs
CVE-2025-14425: fix JP2 image loader buffer overflow by validating pixel buffer size calculation to prevent potential remote code execution - CVE-2025-14422: fix parsing of PNM files to prevent integer overflow leading to remote code execution...
CVE-2025-37178
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can...
CVE-2025-37179
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can...
CVE-2025-37178
Multiple out-of-bounds read vulnerabilities were identified in a system component responsible for handling certain data buffers. Due to insufficient validation of maximum buffer size values, the process may attempt to read beyond the intended memory region. Under specific conditions, this can...