10996 matches found
CVE-2025-38407
In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...
CVE-2025-38391
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...
CVE-2025-38367
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...
CVE-2025-38366
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "numcpu" from user space The maximum supported cpu number is EIOINTCROUTEMAXVCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...
UBUNTU-CVE-2025-38367
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...
CVE-2025-38391 usb: typec: altmodes/displayport: do not index invalid pin_assignments
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...
CVE-2025-38391
In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pinassignments A poorly implemented DisplayPort Alt Mode port partner can indicate that its pin assignment capabilities are greater than the maximum value, DPPINASSIGNF. In...
CVE-2025-38367
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...
CVE-2025-38367
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...
CVE-2025-38367
CVE-2025-38367 concerns the Linux kernel LoongArch KVM subsystem. The issue arises from a logic error where a modified index is reused as an array index when updating the EIOINTC_ENABLE register, creating an array index overflow condition. The vulnerability affects the kernel, with the descriptio...
CVE-2025-38367 LoongArch: KVM: Avoid overflow with array index
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modify register EIOINTCENABLE. There will be array index overflow problem...
CVE-2025-38366
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "numcpu" from user space The maximum supported cpu number is EIOINTCROUTEMAXVCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...
CVE-2025-38366 LoongArch: KVM: Check validity of "num_cpu" from user space
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "numcpu" from user space The maximum supported cpu number is EIOINTCROUTEMAXVCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an under-allocation of the gpiods array could lead to out-of-bounds access...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from an array index overflow when the EIOINTCENABLE register is modified...
SUSE-SU-2025:20506-1 Security update for jq
This update for jq fixes the following issues: - CVE-2024-23337: Fixed signed integer overflow in jv.c:jvparraywrite bsc1243450...
Security update for jq
This update for jq fixes the following issues: CVE-2024-23337: Fixed signed integer overflow in jv.c:jvparraywrite bsc1243450 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the comma...
PT-2025-31066
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in the KVM component, specifically within the emulation of Xen schedop poll hypercalls. The kvm xen schedop poll function uses kmalloc array when a...
Learning to Locate: GNN-Powered Vulnerability Path Discovery in Open Source Code
Detecting security vulnerabilities in open-source software is a critical task that is highly regarded in the related research communities. Several approaches have been proposed in the literature for detecting vulnerable codes and identifying the classes of vulnerabilities. However, there is still...
CASCADE: LLM-Powered JavaScript Deobfuscator at Google
Software obfuscation, particularly prevalent in JavaScript, hinders code comprehension and analysis, posing significant challenges to software testing, static analysis, and malware detection. This paper introduces CASCADE, a novel hybrid approach that integrates the advanced coding capabilities o...