293 matches found
CVE-2025-38463
In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...
Security Bulletin: Containerd can cause an overflow condition where the container ultimately runs as root, which affects IBM watsonx.data
Summary containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately run...
xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension
A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate...
DEBIAN-CVE-2022-50080
In the Linux kernel, the following vulnerability has been resolved: tee: add overflow check in registershmhelper With special lengths supplied by user space, registershmhelper has an integer overflow when calculating the number of pages covered by a supplied user space memory region. This causes...
CVE-2025-48990 NeKernel has Heap Overflow in `rt_copy_memory`
NeKernal is a free and open-source operating system stack. Version 0.0.2 has a 1-byte heap overflow in rtcopymemory, which unconditionally wrote a null terminator at dstlen. When len equals the size of the destination buffer 256 bytes, that extra '\0' write overruns the buffer by one byte. To avo...
CVE-2023-21065
In fdtnexttag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...
CVE-2018-13068
The mintToken function of a smart contract implementation for AzurionToken AZU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...
Security update for glib2
This update for glib2 fixes the following issues: CVE-2025-3360: Fixed integer overflow and buffer underread when parsing a very long and invalid ISO 8601 timestamp with gdatetimenewfromiso8601 bsc1240897. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...
SUSE CVE-2025-37858
In the Linux kernel, the following vulnerability has been resolved: fs/jfs: Prevent integer overflow in AG size calculation The JFS filesystem calculates allocation group AG size using 1 2TB aggregates on 32-bit systems, this 32-bit shift operation causes undefined behavior and improper AG sizing...
Security update for krb5
This update for krb5 fixes the following issues: CVE-2025-24528: Prevent overflow when calculating ulog block size. An authenticated attacker can cause kadmind to write beyond the end of the mapped region for the iprop log file, likely causing a process crash; bsc1236619. Patch Instructions: To...
CVE-2025-32050
A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read...
CVE-2025-32050
A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read...
UBUNTU-CVE-2025-32050
A flaw was found in libsoup. The libsoup appendparamquoted function may contain an overflow bug resulting in a buffer under-read...
CVE-2025-32050
CVE-2025-32050 affects the libsoup library (append_param_quoted overflow) with a memory corruption risk (integer overflow/under-read) as noted in multiple advisories. The issue is reported across several distributions (e.g., Rocky Linux, AlmaLinux, Amazon Linux 2023) with libsoup updates released...
Medium: containerd
Issue Overview: containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container...
SUSE CVE-2023-52980
In the Linux kernel, the following vulnerability has been resolved: block: ublk: extending queuesize to fix overflow When validating drafted SPDK ublk target, in a case that assigning large queue depth to multiqueue ublk device, ublk target would run into a weird incorrect state. During rounds of...
CVE-2023-52980 block: ublk: extending queue_size to fix overflow
In the Linux kernel, the following vulnerability has been resolved: block: ublk: extending queuesize to fix overflow When validating drafted SPDK ublk target, in a case that assigning large queue depth to multiqueue ublk device, ublk target would run into a weird incorrect state. During rounds of...
OESA-2025-1324 containerd security update
containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...
curl: Buffer Overflow in curl's Rustls Backend
Summary: summary of the vulnerability A buffer overflow vulnerability exists in the curl library's Rustls backend due to an integer overflow in the dynamic buffer management. This issue could potentially allow an attacker to overwrite memory, leading to application crashes or, in theory, arbitrar...
binfmt_flat: Fix integer overflow bug on 32 bit systems
...