10810 matches found
CVE-2022-50623
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...
DEBIAN-CVE-2022-50623
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...
UBUNTU-CVE-2022-50623
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...
CVE-2023-53748
The CVE-2023-53748 entry concerns a Linux kernel issue in media: mediatek: vcodec where an array bounds check was missing in decoder queue_setup. The vulnerability arises because *nplanes is user-provided and can range up to 8, while q_data->fmt->num_planes is 1–3; an index i could access b...
CVE-2023-53748
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
CVE-2023-53748 media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
CVE-2023-53748 media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
CVE-2022-50623 fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...
CVE-2022-50623
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...
CVE-2022-50623 fpga: prevent integer overflow in dfl_feature_ioctl_set_irq()
In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...
CVE-2022-50623
CVE-2022-50623 : In the Linux kernel, a vulnerability exists in the fpga driver’s dfl_feature_ioctl_set_irq() where computing hdr.count * sizeof(s32) can overflow on 32-bit systems, leading to memory corruption. The fix uses array_size() to prevent the overflow. Affected component: Linux kernel (...
CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the lack of array bounds checking in decoder queuesetup, which could lead to out-of-bounds access to arrays...
PT-2025-49464
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the dfl feature ioctl set irq function when handling the multiplication of hdr.count and sizeofs32 on 32-bit systems. This calculation can overflow, leading...
Linux Distros Unpatched Vulnerability : CVE-2023-53748
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible val...
Array Networks ArrayOS AG OS Command Injection Vulnerability
Array Networks ArrayOS AG contains an OS command injection vulnerability that could allow an attacker to execute arbitrary commands...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an extent cache integrity check error that could lead to out-of-bounds access to arrays...
EUVD-2025-201575
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of tipcnetnet-monitors in tipcmonreinitself. 0 The array is protected by RTNL, but tipcmonreinitself iterates over it without RTNL. tipcmonreinitself i...
CVE-2025-40280
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipcmonreinitself. syzbot reported use-after-free of tipcnetnet-monitors in tipcmonreinitself. 0 The array is protected by RTNL, but tipcmonreinitself iterates over it without RTNL. tipcmonreinitself i...