17 matches found
DEBIAN-CVE-2026-52719
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
CVE-2026-52719
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
CVE-2026-52719
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
CVE-2026-52719
GStreamer: out-of-bounds read in the VA JPEG decoder of gst-plugins-bad (CVE-2026-52719). The JPEG parser reads a segment length without validating against available data, enabling a remote attacker to craft a JPEG that, when opened by a user, may cause parsing to read beyond the input buffer, po...
CVE-2026-52719 Gstreamer1-plugins-bad-free: gstreamer: out-of-bounds read via jpeg segment length validation in va decoder
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
UBUNTU-CVE-2026-46119
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15
In the Linux kernel, the following vulnerability has been resolved: Wifi: mt7601u: Fix an integer underflow An integer underflow caused by a null pointer dereference occurred in mt7601urxskbfromseg. The variable dmalen in the URB packet could be manipulated, which could trigger an integer underfl...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011039)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011039 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer...
UBUNTU-CVE-2023-53679
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601urxskbfromseg'. The variable 'dmalen' in the URB packet could be manipulated, which could trigger an integer...
EUVD-2025-32740
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601urxskbfromseg'. The variable 'dmalen' in the URB packet could be manipulated, which could trigger an integer...
CVE-2023-53679
CVE-2023-53679 pertains to the Linux kernel Bluetooth/WiFi stack, specifically the mt7601u driver in the wifi subsystem. The issue is an integer underflow in the URB handling path that can allow a null pointer dereference when processing RX segments. The root cause is a manipulated dma_len in the...
CVE-2023-53679 wifi: mt7601u: fix an integer underflow
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601urxskbfromseg'. The variable 'dmalen' in the URB packet could be manipulated, which could trigger an integer...
PT-2025-41123
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0+ Description An integer underflow issue exists in the Linux kernel's mt7601u driver, specifically within the 'mt7601u rx skb from seg' function. This underflow can occur due to manipulation of the dma len...
kernel: wifi: mt7601u: fix an integer underflow
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601urxskbfromseg'. The variable 'dmalen' in the URB packet could be manipulated, which could trigger an integer...
kernel: wifi: mt7601u: fix an integer underflow
In the Linux kernel, the following vulnerability has been resolved: wifi: mt7601u: fix an integer underflow Fix an integer underflow that leads to a null pointer dereference in 'mt7601urxskbfromseg'. The variable 'dmalen' in the URB packet could be manipulated, which could trigger an integer...
PT-2023-13032 · Cypress · Cypress Bluetooth Mesh Sdk
Name of the Vulnerable Software and Affected Versions: Cypress Bluetooth Mesh SDK version BSA0107 05.01.00-BX8-AMESH-08 Description: The issue is related to a buffer overflow that can allow the execution of arbitrary code remotely. It is caused by an out-of-bound write vulnerability during mesh...
Realtek Linux/Android Bluetooth Mesh SDK 安全漏洞
Realtek Linux/Android Bluetooth Mesh SDK is a Bluetooth mesh networking software development kit from Realtek Semiconductor China. A security vulnerability exists in the previous version of Realtek Linux/Android Bluetooth Mesh SDK v4.18-4.18-20220218, which stems from an insufficient validation o...