Lucene search
K

477 matches found

OSV
OSV
added 2025/12/24 1:6 p.m.5 views

CVE-2022-50778 fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL

In the Linux kernel, the following vulnerability has been resolved: fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running Android's Compatibility Test Suite's CTS android.hardware.input.cts.tests...

5.9AI score0.00199EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/24 12:23 p.m.25 views

CVE-2023-54056 kheaders: Use array declaration instead of char

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

0.00191EPSS
Exploits0References7
CVE
CVE
added 2025/12/24 12:23 p.m.13 views

CVE-2023-54056

The CVE-2023-54056 entry concerns the Linux kernel kheaders path. The underlying issue was that kernel_headers_data was defined as a char array, which trips FortifySource checks during memcpy by treating addresses as byte arrays; the fix is to define them as proper arrays (as with other code path...

6.6AI score0.00191EPSS
Exploits0References7
OSV
OSV
added 2025/12/24 12:23 p.m.5 views

CVE-2023-54056 kheaders: Use array declaration instead of char

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIGFORTIFYSOURCE, memcpy will check the size of destination and source buffers. Defining kernelheadersdata as "char" would trip this check. Since these addresses are treate...

6.8AI score0.00191EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.4 views

PT-2025-53054

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to kheaders. Specifically, the use of a 'char' declaration instead of an array declaration for kernel headers data could trigger a buffer overfl...

6.5AI score0.00191EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/12/24 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2022-50778

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fortify: Fix compiletimestrlen under UBSANBOUNDSLOCAL With CONFIGFORTIFY=y and CONFIGUBSANLOCALBOUNDS=y enabled, we observe a runtime panic while running...

5.8AI score0.00199EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/17 12:30 a.m.8 views

SUSE CVE-2025-40363

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6output and ah6outputdone where extension headers are copied to/from IPv6 address fields, triggering fortify-string warnings about...

2.5CVSS6.8AI score0.00177EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/12/16 2:15 p.m.5 views

CVE-2025-40363

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6output and ah6outputdone where extension headers are copied to/from IPv6 address fields, triggering fortify-string warnings about...

5.9AI score0.00177EPSS
Exploits0References35
OSV
OSV
added 2025/12/16 1:40 p.m.5 views

CVE-2025-40363 net: ipv6: fix field-spanning memcpy warning in AH output

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: fix field-spanning memcpy warning in AH output Fix field-spanning memcpy warnings in ah6output and ah6outputdone where extension headers are copied to/from IPv6 address fields, triggering fortify-string warnings about...

6.6AI score0.00177EPSS
Exploits0References11
RedHat Linux
RedHat Linux
added 2025/11/18 9:2 a.m.3 views

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References5
EUVD
EUVD
added 2025/11/13 12:30 a.m.5 views

EUVD-2023-60055

The Epson Stylus SX510W embedded web management service fails to properly handle consecutive ampersand characters in query parameters when accessing /PRESENTATION/HTML/TOP/INDEX.HTML. A remote attacker can send a malformed request that triggers improper input parsing or memory handling, resulting...

8.7CVSS6.4AI score0.00496EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/11/11 9:13 a.m.6 views

kernel: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

5.5CVSS6.9AI score0.00224EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/11 9:13 a.m.2 views

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/11/11 8:21 a.m.8 views

kernel: scsi: lpfc: Use memcpy() for BIOS version

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...

5.5CVSS5.9AI score0.00167EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/11/06 12:0 a.m.0 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990608 advisory. In the Linux kernel, the following vulnerability has been resolved: ocfs2: mount fails with buffer overflow in strlen Starting with kernel 5.11 built with...

7.8CVSS6.3AI score0.00237EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.4 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989856 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here...

7.8CVSS6.3AI score0.00265EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989424)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989424 advisory. In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check struct nfctarget arrays While running under CONFIGFORTIFYSOURCE=y, syzkall...

7.1CVSS5.9AI score0.00236EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.3 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990241)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990241 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment ------------ cut here...

7.8CVSS6.3AI score0.00265EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/11/01 10:54 a.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The crash in timerlatdumpstack has been fixed. We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 bytes written to a buffer...

5.5CVSS6.7AI score0.00151EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.2 views

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26907)

RDMA/mlx5: Fixed fortify source warning while accessing Eth segment. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503475; scriptversion"1.2";...

7.8CVSS7.6AI score0.00265EPSS
Exploits0References2
Rows per page
Query Builder