Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size. The plparhcall, plparhcall9, and related functions expect callers to provide valid result buffers of a certain minimum size. Currently, this is communicated only...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: jfs: Fixed an array-index-out-of-bounds read in addmissingindices. stbl is a signed 8-bit value, but its offset must be within a range of 0 to 127. A bound check was added for this error, and if the check fails, the error code -E...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.231-2.6.19.1.AXS4 (AXSA:2019-3940:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3940:03 advisory. OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 OpenJDK: Insufficient checks of suppressed...

EUVD-2018-17905

Malware in sbrugna...

EUVD-2021-15356

Malware in sbrugna...

EUVD-2025-11812

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2023-52804

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/jfs: Add validity check for dbmaxag and dbagpref Both dbmaxag and dbagpref are used as the index of the dbagfree array, but there is currently no validity...

CVE-2025-40114 iio: light: Add check for array bounds in veml6075_read_int_time_ms

In the Linux kernel, the following vulnerability has been resolved: iio: light: Add check for array bounds in veml6075readinttimems The array contains only 5 elements, but the index calculated by veml6075readinttimeindex can range from 0 to 7, which could lead to out-of-bounds access. The check...

CVE-2025-40114

Technical details for CVE-2025-40114 are not publicly provided in the connected documents. The advisories reference the CVE but do not expose specifics here. Monitor official vendor/security bulletins for updates.

SUSE CVE-2024-56784

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption Why & How Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays in bound...

UBUNTU-CVE-2024-56784

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adding array index check to prevent memory corruption Why & How Array indices out of bound caused memory corruption. Adding checks to ensure that array index stays in bound...

CVE-2024-49970 drm/amd/display: Implement bounds check for stream encoder creation in DCN401

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN401 'streamencregs' array is an array of dcn10streamencregisters structures. The array is initialized with four elements, corresponding to the four calls t...

kernel: protect the fetch of ->fd[fd] in do_dup2() from mispredictions

In the Linux kernel, the following vulnerability has been resolved: protect the fetch of -fdfd in dodup2 from mispredictions both callers have verified that fd is not greater than -maxfds; however, misprediction might end up with tofree = fdt-fdfd; being speculatively executed. That's wrong for t...

SUSE CVE-2024-38568

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through following cmd 1, but the driver does not check whether the array index is out of bounds when writi...

CVE-2024-27042

...

GLSA-202208-23 : Xen: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202208-23 Xen: Multiple Vulnerabilities - IOMMU page mapping issues on x86 This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. Both AMD and Intel allow ACP...

Mageia: Security Advisory (MGASA-2019-0241)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...

CVE-2021-28699

CVE-2021-28699 affects Xen-based platforms (Citrix Hypervisor and Xen). The issue is an inadequate bounds check in the grant table status path: translation of the grant-status frame numbers can exceed allocated translation space, allowing writes beyond the intended area. Citrix shows this as a ho...

CVE-2021-28699

inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can b...