2521 matches found
UBUNTU-CVE-2025-21724
In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fix shift-out-of-bounds in iovabitmapoffsettoindex Resolve a UBSAN shift-out-of-bounds issue in iovabitmapoffsettoindex where shifting the constant "1" of type int by bitmap-mapped.pgshift an unsigned long val...
CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...
CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...
CVE-2024-58017
In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...
CVE-2025-21724
In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fix shift-out-of-bounds in iovabitmapoffsettoindex Resolve a UBSAN shift-out-of-bounds issue in iovabitmapoffsettoindex where shifting the constant "1" of type int by bitmap-mapped.pgshift an unsigned long val...
CVE-2025-21724
CVE-2025-21724: In the Linux kernel’s iommufd/iova_bitmap, UBSAN shift-out-of-bounds occurred in iova_bitmap_offset_to_index() when shifting the constant 1 by bitmap->mapped.pgshift (unsigned long). If pgshift > 31, the 32-bit int shift overflowed, causing undefined behavior. The fix promot...
PT-2025-8996 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the RDMA/rtrs component, where a missing deinit call triggered a warning when repeatedly connecting and...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect use of devmrequestmemregion, which could lead to undefined behavior...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds shift operation in the iovabitmapoffsettoindex function, which could lead to undefined...
DEBIAN-CVE-2022-49720
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...
UBUNTU-CVE-2022-49720
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...
CVE-2022-49720 block: Fix handling of offline queues in blk_mq_alloc_request_hctx()
In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...
PT-2025-8486 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the fs/ntfs3 module. The issue arises when the NTFS BOOT sectors per clusters field has a value greater than 0x80...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized value access, which could lead to undefined behavior...
GHSA-H7H7-6MX3-R89V Fyrox has unsound usages of `Vec::from_raw_parts`
The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...
Fyrox has unsound usages of `Vec::from_raw_parts`
The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an undefined behavior due to uninitialized stack access in ipvsprotocolinit. Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bnxtre: avoid shift undefined behavior in bnxtqpliballocinithwq Undefined behavior is triggered when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case,...
CVE-2025-1153
A flaw was found in GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior...
CVE-2025-1152
A flaw was found in the ld linker utility of GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior...