Lucene search
K

2521 matches found

OSV
OSV
added 2025/02/27 2:15 a.m.1 views

UBUNTU-CVE-2025-21724

In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fix shift-out-of-bounds in iovabitmapoffsettoindex Resolve a UBSAN shift-out-of-bounds issue in iovabitmapoffsettoindex where shifting the constant "1" of type int by bitmap-mapped.pgshift an unsigned long val...

7.8CVSS6.5AI score0.00176EPSS
Exploits0References20
Cvelist
Cvelist
added 2025/02/27 2:12 a.m.13 views

CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

0.00211EPSS
Exploits0References8
OSV
OSV
added 2025/02/27 2:12 a.m.8 views

CVE-2024-58017 printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

5.5CVSS6.2AI score0.00211EPSS
Exploits0References13
Debian CVE
Debian CVE
added 2025/02/27 2:12 a.m.4 views

CVE-2024-58017

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

5.5CVSS5.7AI score0.00211EPSS
Exploits0
Debian CVE
Debian CVE
added 2025/02/27 2:7 a.m.10 views

CVE-2025-21724

In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fix shift-out-of-bounds in iovabitmapoffsettoindex Resolve a UBSAN shift-out-of-bounds issue in iovabitmapoffsettoindex where shifting the constant "1" of type int by bitmap-mapped.pgshift an unsigned long val...

7.8CVSS5.6AI score0.00176EPSS
Exploits0
CVE
CVE
added 2025/02/27 2:7 a.m.116 views

CVE-2025-21724

CVE-2025-21724: In the Linux kernel’s iommufd/iova_bitmap, UBSAN shift-out-of-bounds occurred in iova_bitmap_offset_to_index() when shifting the constant 1 by bitmap->mapped.pgshift (unsigned long). If pgshift > 31, the 32-bit int shift overflowed, causing undefined behavior. The fix promot...

7.8CVSS6.4AI score0.00176EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/27 12:0 a.m.5 views

PT-2025-8996 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved. The issue is related to the RDMA/rtrs component, where a missing deinit call triggered a warning when repeatedly connecting and...

7.3AI score0.00174EPSS
Exploits0References12
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incorrect use of devmrequestmemregion, which could lead to undefined behavior...

5.5CVSS6.3AI score0.00184EPSS
Exploits0References7
CNNVD
CNNVD
added 2025/02/27 12:0 a.m.2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds shift operation in the iovabitmapoffsettoindex function, which could lead to undefined...

7.8CVSS6.5AI score0.00176EPSS
Exploits0References7
OSV
OSV
added 2025/02/26 7:1 a.m.1 views

DEBIAN-CVE-2022-49720

In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...

7.8CVSS5.5AI score0.00284EPSS
Exploits0References1
OSV
OSV
added 2025/02/26 7:1 a.m.3 views

UBUNTU-CVE-2022-49720

In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...

7.8CVSS6.2AI score0.00284EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2025/02/26 2:24 a.m.1 views

CVE-2022-49720 block: Fix handling of offline queues in blk_mq_alloc_request_hctx()

In the Linux kernel, the following vulnerability has been resolved: block: Fix handling of offline queues in blkmqallocrequesthctx This patch prevents that test nvme/004 triggers the following: UBSAN: array-index-out-of-bounds in block/blk-mq.h:135:9 index 512 is out of range for type 'long...

6.2AI score0.00284EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/02/26 12:0 a.m.4 views

PT-2025-8486 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically in the fs/ntfs3 module. The issue arises when the NTFS BOOT sectors per clusters field has a value greater than 0x80...

6.4AI score0.00239EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/02/26 12:0 a.m.1 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized value access, which could lead to undefined behavior...

5.5CVSS6AI score0.00263EPSS
Exploits0References9
OSV
OSV
added 2025/02/14 5:31 p.m.6 views

GHSA-H7H7-6MX3-R89V Fyrox has unsound usages of `Vec::from_raw_parts`

The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...

7AI score
Exploits0References5
Github Security Blog
Github Security Blog
added 2025/02/14 5:31 p.m.9 views

Fyrox has unsound usages of `Vec::from_raw_parts`

The library provides a public safe API transmutevecasbytes, which incorrectly assumes that any generic type T could have stable layout, causing to uninitialized memory exposure if the users pass any types with padding bytes as T and cast it to u8 pointer. In the issue, we develop a PoC to show...

7AI score
Exploits0References5Affected Software1
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ipvs: fixed an undefined behavior due to uninitialized stack access in ipvsprotocolinit. Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator...

5.5CVSS6.5AI score0.00224EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: bnxtre: avoid shift undefined behavior in bnxtqpliballocinithwq Undefined behavior is triggered when bnxtqpliballocinithwq is called with hwqattr-auxdepth != 0 and hwqattr-auxstride == 0. In that case,...

4.4CVSS6.2AI score0.00249EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/02/10 9:56 p.m.10 views

CVE-2025-1153

A flaw was found in GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior...

3.1CVSS3.5AI score0.01252EPSS
Exploits1References9
RedhatCVE
RedhatCVE
added 2025/02/10 9:56 p.m.10 views

CVE-2025-1152

A flaw was found in the ld linker utility of GNU Binutils. A specially-crafted payload may be able to trigger a memory leak, which can lead to an application crash or other undefined behavior...

3.1CVSS3.5AI score0.00564EPSS
Exploits1References8
Rows per page
Query Builder