9023 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-52919
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - batman-adv: fix tpmeter counter underflow during shutdown batadvtpsendershutdown unconditionally decrements the sending atomic counter. If multiple paths e.g...
PT-2026-51663
Name of the Vulnerable Software and Affected Versions libslirp versions prior to v4.9.2 Description An integer underflow and out-of-bounds heap read exist in the TCP urgent data handling sosendoob within hypervisor host environments, such as QEMU. A privileged guest VM attacker with root or CAP N...
CVE-2026-54257
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow. Most apps will crash and some may perform incorrect buffer allocations in t...
CVE-2026-54257
CVE-2026-54257 affects Electron 42.3.1 through 42.3.2 where the Node.js Buffer API uses incorrect byte-length calculations, causing heap underflow/overflow. This can lead to crashes and, in some cases, incorrect buffer allocations (truncation or misallocation). The issue is fixed in Electron 42.3...
CVE-2026-54257 Electron: Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow
Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. From 42.3.1 until 42.3.3, Buffer performs incorrect byte length calculations resulting in heap buffer under/overflow. Most apps will crash and some may perform incorrect buffer allocations in t...
kernel: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931()
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackh323 module. This vulnerability occurs in the DecodeQ931 function when processing a zero-length value from a packet. An integer underflow during a length calculation results in a large, incorrect value...
kernel: Linux kernel: Denial of service and memory corruption in RDMA umad
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA umad User Mode Access Device component. A local user can exploit this vulnerability by manipulating input, causing an integer underflow that leads to an out-of-bounds memory write. This memory corruption can result in a denia...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.5.1.8)
The version of AOS installed on the remote host is prior to 7.5.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.5.1.8 advisory. - A flaw was found in GLib Gnome Lib. This vulnerability allows a remote attacker to cause heap corruption, leading to a deni...
SUSE-SU-2026:22193-1 Security update for mcphost
This update for mcphost fixes the following issues - CVE-2026-25680,CVE-2026-25681,CVE-2026-27136,CVE-2026-42502,CVE-2026-42506: golang.org/x/net/html: multiple issues when parsing HTML files bsc1267109. - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: ipa: Hash tables are only reset when supported. Last year, the code that manages GSI channel transactions switched from using spinlock-protected linked lists to using indexes in the ring buffer used for a channel. Recently,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: soundwire: bus: Fix unbalanced pmruntimeput causing usage count underflow This issue is addressed by the commit 443a98e649b4 “soundwire: bus: use pmruntimeresumeandget”. The calls to pmruntimeresumeandget are changed back to...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fixed the incorrect order of resource deallocation. When attempting to destroy a QP or CQ, we first reduce the reference count and potentially free the memory regions allocated for the object. Then, we request the devic...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: Fixed an issue where the nftcountersenabled counter might underflow during the nftablesaddchain function. The syzbot reports that the nftcountersenabled counter might underflow at nftablesaddchain1. This issu...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iouring/net: The overflow check in iorecvmsgmshotprep has been fixed. The controllen variable is of type sizet unsigned long. Casting it to int could lead to an integer underflow. The checkaddoverflow function considers the type ...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: net: amd-xgbe: Fixed an issue with the data length underflow in SKB structures. A BUGON will be triggered in the include/linux/skbuff.h file, resulting in intermittent kernel panics when a data length underflow is detected. This...
Astra Linux – Vulnerability in Blender
An integer underflow in the DDS loader of Blender leads to an out-of-bounds read, potentially allowing an attacker to read sensitive data using a crafted DDS image file. This flaw affects Blender versions prior to 2.83.19, 2.93.8, and 3.1...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: prevented the use of deleted inodes. syzbot reported a warning in nilfsrmdir. 1 Due to the corrupted inode bitmap, an inode with a number that should exist as a ".nilfs" file was reassigned by nilfsmkdir for "file0",...
Astra Linux – Vulnerability in Golang-1.15
In Go versions before 1.14.14 and 1.15.x, as well as before 1.15.7, the crypto/elliptic/p224.go file may generate incorrect outputs due to a underflow of the lowest limb during the final complete reduction of the P-224 field...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove the improper idxdfree The call to idxdfree introduces a duplicate putdevice call, resulting in a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15, PID: 4428, at...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fscrypt: fixed an underflow issue during left shift when inode-iblkbits PAGESHIFT When simulating an NVMe device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, an error trace appears during partition table...