3661 matches found
AZL-58989 CVE-2025-21693 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...
Malicious ML Models on Hugging Face Leverage Broken Pickle Format to Evade Detection
Cybersecurity researchers have uncovered two malicious machine learning ML models on Hugging Face that leveraged an unusual technique of "broken" pickle files to evade detection. "The pickle files extracted from the mentioned PyTorch archives revealed the malicious Python content at the beginning...
CVE-2022-29240
Scylla is a real-time big data database that is API-compatible with Apache Cassandra and Amazon DynamoDB. When decompressing CQL frame received from user, Scylla assumes that user-provided uncompressed length is correct. If user provides fake length, that is greater than the real one, part of...
CVE-2019-5066
An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically crafted PDF document nee...
ALSA-2025:0925 Moderate: bzip2 security update
The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: bzip2: Data integrity error when decompressing with data integrity test...
SUSE-SU-2025:20047-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52489: mm/sparsemem: fix race in accessing memorysection-usage bsc1221326. - CVE-2023-52581: netfilter: nftables: fix memleak when more than 255...
Fedora 41 : rust-routinator (2025-bbabead4d7)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-bbabead4d7 advisory. New ASPA support is now always compiled in and available if enable-aspa is set. The aspa Cargo feature has been removed. 990 If merging mutliple ASPA objects...
unbound: Unbounded name compression could lead to Denial of Service
A flaw was found in Unbound which can lead to degraded performance and an eventual denial of service when handling replies with very large RRsets that require name compression to be applied. Versions prior to 1.21.1 do not have a hard limit on the number of name compression calculations that...
unbound security update
1.16.2-5.8 - Prevent unbounded name compression CVE-2024-8508 1.16.2-5.7 - Rebuild to propagate to CentOS Stream RHEL-25500...
Moderate: bzip2 security update
The bzip2 packages contain a freely available, high-quality data compressor. It provides both standalone compression and decompression utilities, as well as a shared library for use with other programs. Security Fixes: bzip2: bzip2: Data integrity error when decompressing with data integrity test...
Exploit for Protection Mechanism Failure in 7-Zip
7-Zip Mark-of-the-Web Bypass Vulnerability CVE-2025-0411 - P...
Exploit for Protection Mechanism Failure in 7-Zip
7-Zip Mark-of-the-Web Bypass Vulnerability CVE-2025-0411 - P...
CVE-2024-57923
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
SUSE CVE-2024-57923
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
CVE-2024-57923
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
UBUNTU-CVE-2024-57923
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
CVE-2024-57923
CVE-2024-57923 covers a Linux kernel issue in btrfs zlib HW compression on s390 where input length passed to zlib_compress_folios() could exceed input range due to strm.avail_in calculation becoming a multiple of PAGE_SIZE. The result is an assertion in btrfs_compress_folios() (total_in > orig...
CVE-2024-57923 btrfs: zlib: fix avail_in bytes for s390 zlib HW compression path
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
CVE-2024-57923 btrfs: zlib: fix avail_in bytes for s390 zlib HW compression path
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...
CVE-2024-57923
In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix availin bytes for s390 zlib HW compression path Since the input data length passed to zlibcompressfolios can be arbitrary, always setting strm.availin to a multiple of PAGESIZE may cause read-in bytes to exceed t...