CVE-2025-10456

CVE-2025-10456 concerns BLE fixed-channel handling (SMP/ATT) in Zephyr RTOS. The root issue: a device may be tricked into sending a disconnection request for a fixed channel, which is disallowed by the Bluetooth spec, triggering undefined behavior such as assertion failures, crashes, or memory co...

PT-2025-38514

Name of the Vulnerable Software and Affected Versions Bluetooth Low Energy BLE affected versions not specified Description A flaw exists in the handling of Bluetooth Low Energy BLE fixed channels, such as SMP or ATT. An attacker can exploit this issue, causing the BLE target device to attempt to...

Zephyr 安全漏洞

Zephyr is an extensible real-time operating system RTOS open-sourced by Zephyr. A security vulnerability exists in Zephyr that stems from a flaw in the handling of the Bluetooth Low Energy Fixed Channel, which could lead to undefined behavior, including assertion failure, crashes, or memory...

SUSE CVE-2022-50390

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

CVE-2022-50403

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

CVE-2022-50403

In the Linux kernel, the following vulnerability has been resolved: ext4: fix undefined behavior in bit shift for ext4checkflagvalues Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds i...

CVE-2022-50403

CVE-2022-50403 is documented in connected advisories as a kernel/ext4 issue: undefined behavior in a bit-shift check within ext4_check_flag_values. Red Hat RHSA-2025-23947 (RHEL 7 kernel) and RHSA-2025-23445 (RHEL 8 kernel) enumerate this CVE among security fixes for the kernel. Affected componen...

CVE-2022-50390

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

DEBIAN-CVE-2022-50390

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

UBUNTU-CVE-2023-53395

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of...

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

CVE-2022-50390

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

CVE-2022-50390 drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...

firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to undefined behavior, invalid pointer in the Graphics...

firefox: thunderbird: Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to undefined behavior, invalid pointer in the Graphics...

Denial Of Service (DoS)

ImageMagick is vulnerable to Denial of Service DoS. The vulnerability is due to a function-type-mismatch in the splay tree cloning callback, which allows an attacker to trigger a deterministic abort under UBSan, leading to service disruption in sanitizer builds...

PT-2025-38338

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to undefined behavior in a bit shift operation within the DRM/TTM subsystem. Specifically, shifting a signed 32-bit value by 31 bits can lead to...

PT-2025-38420

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in ext4 related to undefined behavior in a bit shift operation within the ext4 check flag values function. Shifting a signed 32-bit value by 31 bits is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an undefined behavior in the TTMTTFLAGPRIVPOPULATED bit manipulation, which could lead to an integer overflo...