Lucene search
K

477 matches found

OSV
OSV
added 2026/01/14 3:16 p.m.5 views

UBUNTU-CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS5.9AI score0.00124EPSS
Exploits0References10
Debian CVE
Debian CVE
added 2026/01/14 3:7 p.m.6 views

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS5.5AI score0.00124EPSS
Exploits0
CVE
CVE
added 2026/01/14 3:7 p.m.17 views

CVE-2025-71128

CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...

5.5CVSS6.2AI score0.00124EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/14 3:7 p.m.5 views

CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.4AI score0.00124EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/01/14 3:7 p.m.28 views

CVE-2025-71128 erspan: Initialize options_len before referencing options.

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

0.00124EPSS
Exploits0References2
CVE
CVE
added 2026/01/14 3:6 p.m.17 views

CVE-2025-71123

CVE-2025-71123 affects the Linux kernel Ext4 mount option parsing. The vulnerability stems from improper string copying in parse_apply_sb_mount_options(), where strscpy_pad() could copy a non-NUL-terminated string into a fixed-size destination, triggering fortify warnings (strnlen: detected buffe...

7.8CVSS6AI score0.00153EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-71128

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a...

5.5CVSS6.1AI score0.00124EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.10 views

CVE-2018-1000607

A arbitrary file write vulnerability exists in Jenkins Fortify CloudScan Plugin 1.5.1 and earlier in ArchiveUtil.java that allows attackers able to control rulepack zip file contents to overwrite any file on the Jenkins master file system, only limited by the permissions of the user the Jenkins...

6.5CVSS6.8AI score0.00852EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.3 views

PT-2026-6129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the scsi subsystem, specifically in the qla2xxx driver. The qla27xx copy fpin pkt and qla27xx copy multiple pkt functions use the frame size...

7AI score0.00168EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/25 1:3 a.m.8 views

SUSE CVE-2022-50778

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.5CVSS6.1AI score0.00199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:56 a.m.4 views

SUSE CVE-2023-54056

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

7AI score0.00191EPSS
Exploits0References3
EUVD
EUVD
added 2025/12/24 3:30 p.m.3 views

EUVD-2023-60270

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

6.4AI score0.00191EPSS
Exploits0References8
EUVD
EUVD
added 2025/12/24 3:30 p.m.5 views

EUVD-2022-55783

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.5AI score0.00199EPSS
Exploits0References4
NVD
NVD
added 2025/12/24 1:16 p.m.4 views

CVE-2023-54056

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

0.00191EPSS
Exploits0References7
NVD
NVD
added 2025/12/24 1:16 p.m.6 views

CVE-2022-50778

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

0.00199EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.9 views

CVE-2022-50778

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.6AI score0.00199EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/24 1:16 p.m.4 views

CVE-2023-54056

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

6.1AI score0.00191EPSS
Exploits0References8
OSV
OSV
added 2025/12/24 1:16 p.m.4 views

UBUNTU-CVE-2023-54056

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

6AI score0.00191EPSS
Exploits0References9
OSV
OSV
added 2025/12/24 1:16 p.m.5 views

UBUNTU-CVE-2022-50778

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.6AI score0.00199EPSS
Exploits0References5
CVE
CVE
added 2025/12/24 1:6 p.m.19 views

CVE-2022-50778

Summary: CVE-2022-50778 affects the Linux kernel where fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL is implemented. Under CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y, a runtime panic can occur due to a strlen() in hidinput_allocate(), caused by __compiletime_strlen() using __...

5.7AI score0.00199EPSS
Exploits0References3
Rows per page
Query Builder