10813 matches found
Use-after-realloc vulnerablity in mruby 3.4.0
A vulnerability has been found in mruby up to 3.4.0. This vulnerability affects the function sortcmp of the file src/array.c. Such manipulation leads to use after free. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The name of the patch is...
EUVD-2025-124966
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
CVE-2025-40117
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
UBUNTU-CVE-2025-40117
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
UBUNTU-CVE-2025-40118
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
CVE-2025-40150 f2fs: fix to avoid migrating empty section
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...
CVE-2025-40118 scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
CVE-2025-40118 scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod
In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix array-index-out-of-of-bounds on rmmod Since commit f7b705c238d1 "scsi: pm80xx: Set phyattached to zero when device is gone" UBSAN reports: UBSAN: array-index-out-of-bounds in drivers/scsi/pm8001/pm8001sas.c:786:...
CVE-2025-40118
CVE-2025-40118 is a Linux kernel vulnerability in the SCSI subsystem (pm80xx/pm8001) where rmmod could trigger an UBSAN array-index-out-of-bounds. The issue occurs when a device behind an expander has an attached_phy value that can exceed the local pm8001 PHY count, causing code to index pm8001_h...
CVE-2025-40117 misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
CVE-2025-40117
CVE-2025-40117 : In the Linux kernel, the fix addresses an array underflow in pci_endpoint_test_bar() triggered by a negative value passed to pci_endpoint_test_ioctl(). The root cause was adding NO_BAR (-1) to the pci_barno enum, effectively converting it from unsigned to signed, as described in ...
CVE-2025-40117 misc: pci_endpoint_test: Fix array underflow in pci_endpoint_test_ioctl()
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
CVE-2025-40117
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
Prototype Pollution
toggle-array is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the enable and disable functions, which allows an attacker to supply a crafted payload and inject properties into the Object.prototype, potentially leading to denial of service DoS or...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990738)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990738 advisory. In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof vs ARRAYSIZE bug The buf pointer is an array of u16 values. This code should ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990820)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990820 advisory. In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access The recent fix for array out-of-bounds accesse...
PT-2025-46592
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the pci endpoint test module. A commit introduced a change that allows for a potential array underflow in the pci endpoint test bar function when ...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990752)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990752 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 1141993...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990846)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990846 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the...