Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a signed integer overflow in the ip6appenddata function...

kernel: tipc: fix a possible memleak in tipc_buf_append

In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...

CVE-2025-23208

zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database meta.db is an append-list so group revocations/removals are ignored in the API. SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended...

PT-2025-1339 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: In the ip6 append data function of ip6 output.c, there is a possible way to achieve code execution due to a heap buffer overflow. This could lead to a local privilege escalation...

CVE-2025-23208 IdP group membership revocation ignored in zot

zot is a production-ready vendor-neutral OCI image registry. The group data stored for users in the boltdb database meta.db is an append-list so group revocations/removals are ignored in the API. SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended...

Zot IdP group membership revocation ignored

Summary The group data stored for users in the boltdb database meta.db is an append-list so group revocations/removals are ignored in the API. Details SetUserGroups is alled on login, but instead of replacing the group memberships, they are appended. This may be due to some conflict with the grou...

PT-2025-4847 · Boltdb +2 · Boltdb +2

Name of the Vulnerable Software and Affected Versions: zot versions prior to 2.1.2 Description: The issue arises from the way group data is stored for users in the boltdb database, specifically as an append-list. This leads to group revocations or removals being ignored in the API. When a user lo...

PT-2026-3558

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.0 through 2.42 Description Using the wordexp function with WRDE REUSE and WRDE APPEND together in the GNU C Library can lead to the function returning uninitialized memory in the we wordv member. Subsequent calls to...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a skb release issue caused by hcidevcdappend in the Bluetooth btmtk subsystem. No detailed vulnerability...

CLSA-2024-1734542622 squid: Fix of CVE-2024-23638

CVE-2024-23638: Do not update StoreEntry expiration after errorAppendEntry...

CLSA-2024-1733142094 squid: Fix of CVE-2024-23638

CVE-2024-23638: Do not update StoreEntry expiration after errorAppendEntry...

The vulnerability of the __ip{,6}_append_data() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the ip,6appenddata function in the Linux operating system’s kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CLSA-2024-1727817758 Fix of 74 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2021-47188 - scsi: ufs: core: Improve SCSI abort handling CVE-url: https://ubuntu.com/security/CVE-2024-26677 - rxrpc: Fix delayed ACKs to not set the...

CLSA-2024-1727816002 Fix of 60 CVEs

CVE-url: https://ubuntu.com/security/CVE-2024-26752 - l2tp: pass correct message length to ip6appenddata CVE-url: https://ubuntu.com/security/CVE-2023-52527 - ipv4, ipv6: Fix handling of transhdrlen in ip,6appenddata CVE-url: https://ubuntu.com/security/CVE-2024-43882 - exec: Fix ToCToU between...

The vulnerability of the avahi_dns_packetAppendRecord() function in the Avahi service discovery system, related to the reachable assertion, allows a attacker to cause a service failure.

The vulnerability of the avahidnspacketAppendRecord function in the Avahi service discovery system is related to a reachable assertion. Exploiting this vulnerability allows an attacker to cause a service failure...

CVE-2024-34622

Out-of-bounds write in appending paragraph in Samsung Notes prior to version 4.4.21.62 allows local attackers to potentially execute arbitrary code with Samsung Notes privilege...

Elliptic's EDDSA missing signature length check

In the Elliptic package 6.5.6 for Node.js, EDDSA signature malleability occurs because there is a missing signature length check, and thus zero-valued bytes can be removed or appended...

There is a reachable assertion abort in the function sox_append_comment() in formats.c in Sound eXchange (SoX) 14.4.2. A Crafted input will lead to a denial of service attack during conversion of an audio file.

...

OESA-2024-1880 mongo-c-driver security update

mongo-c-driver is a project that includes two libraries: libmongoc, a client library written in C for MongoDB. libbson, a library providing useful routines related to building, parsing, and iterating BSON documents. Security Fixes: The bsonstringappend function in MongoDB C Driver may be vulnerab...

kernel: TIPC message reassembly use-after-free remote code execution vulnerability

A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...