2521 matches found
kernel: lib/fonts: fix undefined behavior in bit shift for get_default_font
In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds i...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
FreeBSD : Mozilla -- XPath parsing undefined behavior (a2d5bd7b-2e85-11f0-a989-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a2d5bd7b-2e85-11f0-a989-b42e991fc52e advisory. [email protected] reports: A vulnerability was identified in Thunderbird where XPath parsing could...
SUSE CVE-2025-37846
In the Linux kernel, the following vulnerability has been resolved: arm64: mops: Do not dereference src reg for a set operation The source register is not used for SET and reading it can result in a UBSAN out-of-bounds array access error, specifically when the MOPS exception is taken from a SET...
PT-2025-20643 · Gnu +1 · Gnu Pspp +1
Name of the Vulnerable Software and Affected Versions: GNU PSPP versions 2.0.1 and earlier Description: The issue allows attackers to cause a heap-based buffer overflow in the inflate read function, which is called indirectly from zip member read all in zip-reader.c. This can be exploited to caus...
SUSE CVE-2022-49907
In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds ...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
CVE-2025-32022
Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...
SUSE CVE-2022-49870
In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in...
SUSE CVE-2025-3416
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string...
CVE-2025-32022 Finit has heap based buffer overwrite in urandom.so plugin
Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...
CVE-2025-32022
Finit provides fast init for Linux systems. Finit's urandom plugin has a heap buffer overwrite vulnerability at boot which leads to it overwriting other parts of the heap, possibly causing random instabilities and undefined behavior. The urandom plugin is enabled by default, so this bug affects...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
clk: samsung: Fix UBSAN panic in samsung_clk_init()
...
iscsi_ibft: Fix UBSAN shift-out-of-bounds warning in ibft_attr_show_nic()
...
firefox: thunderbird: Unsafe attribute access during XPath parsing
A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: A vulnerability was identified in Firefox where XPath parsing could trigger undefined behavior due to missing null checks during attribute access. This could lead to out-of-bounds read access an...
Unsound issue in Trailer
Our static analyzer find a potential unsound issue in the construction of Trailer, where it doesn't provide enough check to ensure the soundness. trailer/src/lib.rs, Lines 18 to 25 in d474984: pub fn newcapacity: usize - Trailer unsafe let trailer = Trailer::allocatecapacity; let ptr = trailer.pt...
DEBIAN-CVE-2023-53112
In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix maxsubslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae "drm/i915/sseu: Don't try to store EU mask internally in UAPI format" exposed a potential out-of-bounds access, reported by UBSAN ...
SUSE CVE-2025-37752
In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: move the limit validation It is not sufficient to directly validate the limit on the data that the user passes as it can be updated based on how the other parameters are changed. Move the check at the end of the...