2508 matches found
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to deny immediate NFQUEUE verdicts in netfilter nftables, which could lead to undefined behavior...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to ensure that names end with a null character in netfilter xtables, which could lead to undefined...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper initialization of certain local variables during replay requests, potentially leading to...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-015470)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-015470 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior...
Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior
Summary An integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked with an invalid index, resulting in Undefined Behavior. Details Tested...
GHSA-38C5-483C-4QQP Grid: Integer Overflow in Grid::expand_rows Leads to Safe-API Undefined Behavior
Summary An integer overflow in Grid::expandrows can corrupt the relationship between the grid’s logical dimensions and its backing storage. After the internal invariant is broken, the safe API get may invoke getunchecked with an invalid index, resulting in Undefined Behavior. Details Tested...
Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend
Diesel allows users to output the generated SQL for any query DSL construct via th diesel::debugquery function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...
RUSTSEC-2026-0134 Unsound access to padding bytes while serializing date/time values using the Mysql backend
Diesel relies on libmysqlclient for interacting with Mysql compatible databases. This library requires to provide date/time values according to the byte layout of their MYSQLTIME type. Diesel replicated this type as reprC struct, populated all the fields of this struct and then casted this value ...
PT-2026-37174
Name of the Vulnerable Software and Affected Versions Grid versions 0.17.0 through 1.0.0 Description An integer overflow in the expand rows function can corrupt the relationship between the grid's logical dimensions and its backing storage. This occurs because the function computes the new backin...
bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
...
Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior via the decodesigned32 function in src/bacnet/bacint.c that reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four...
CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
CVE-2026-31525
CVE-2026-31525 concerns the Linux kernel BPF interpreter’s signed 32-bit division/modulo (sdiv32/smod32). The issue arises from using abs() on s32 operands, which is undefined for S32_MIN, causing incorrect results that can mismatch verifier behavior and enable out-of-bounds map access. A fix int...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a netlink policy scope check in ctnetlink. This vulnerability may lead to undefined behavio...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013741 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...
Linux Distros Unpatched Vulnerability : CVE-2026-31525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013481)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013481 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit...
CVE-2026-40279
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
CVE-2026-40279 BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()`
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
EUVD-2026-24166
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...