348 matches found
CVE-2026-23417
CVE-2026-23417 affects the Linux kernel BPF component where PROBE_MEM32 immediate stores (BPF_ST|BPF_PROBE_MEM32) were not blinded by the JIT constant-blinding path. The root cause is that convert_ctx_accesses() rewrites BPF_ST|BPF_MEM to BPF_ST|BPF_PROBE_MEM32 during verification, but the blindi...
firefox: thunderbird: JIT miscompilation in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...
[SECURITY] Fedora 44 Update: pypy3.11-7.3.21-3.3.11.fc44
PyPy's implementation of Python 3.11, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...
[SECURITY] Fedora 43 Update: pypy-7.3.21-3.fc43
PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...
[SECURITY] Fedora 44 Update: pypy3.10-7.3.19-11.3.10.fc44
PyPy's implementation of Python 3.10, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...
[SECURITY] Fedora 44 Update: pypy-7.3.21-3.fc44
PyPy's implementation of Python, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc This build of PyPy has JIT-compilation enabled...
firefox: thunderbird: JIT miscompilation in the JavaScript Engine component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation in the JavaScript Engine component...
CVE-2026-23383
In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient alignment of the JIT buffer, potentially leading to atomic tear...
CVE-2026-4702 JIT miscompilation in the JavaScript Engine component
JIT miscompilation in the JavaScript Engine component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2026-4702
JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
CVE-2025-71270
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
Information Disclosure Vulnerability in Multiple Mozilla Products (CNVD-2026-13443)
Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox the web browser.Mozilla Thunderbird is a suite of email client software separate from the Mozilla Application Suite. An information disclosure vulnerability exists in several Mozilla produc...
CVE-2026-30960
rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...
CVE-2026-30960
The CVE entry CVE-2026-30960 has a connected advisory GHSA-9C4H-PWMF-M6FJ describing an Arbitrary Code Execution in RSSN via the JIT compilation engine exposed through the CFFI interface. The vulnerability stems from improper input validation and external control of code generation, enabling an a...
EUVD-2026-10704
rssn is a scientific computing library for Rust, combining a high-performance symbolic computation engine with numerical methods support and physics simulations functionalities. The vulnerability exists in the JIT Just-In-Time compilation engine, which is fully exposed via the CFFI Foreign Functi...
GHSA-9C4H-PWMF-M6FJ RSSN has Arbitrary Code Execution via Unvalidated JIT Instruction Generation in C-FFI Interface
Impact Vulnerability Type: Improper Control of Generation of Code 'Code Injection' CWE-94 / Improper Check for Unusual or Exceptional Conditions CWE-754 / Improper Input Validation CWE-20 / Use of Low-Level Functionality CWE-695 / Improper Privilege Management CWE-269 / External Control of System...
rssn 代码问题漏洞
rssn is a high-performance Rust scientific computing library open source by Apich Organization. rssn has code vulnerabilities, which stem from improper input validation in the JIT compilation engine, potentially allowing arbitrary code execution...
firefox: thunderbird: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: JIT miscompilation, use-after-free in the JavaScript Engine: JIT component...
firefox: thunderbird: Use-after-free in the JavaScript Engine: JIT component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Use-after-free in the JavaScript Engine: JIT component...