7041 matches found
CVE-2019-14382
DSM in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs...
CVE-2019-14383
J2B in libopenmpt before 0.4.2 allows an assertion failure during file parsing with debug STLs...
CVE-2018-12504
tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h...
CVE-2018-12459
An inconsistent bits-per-sample value in the ffmpeg4decodepictureheader function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service...
K000151474: GNU C Library vulnerability CVE-2025-0395
Security Advisory Description When the assert function in the GNU C Library versions 2.13 to 2.40 fails, it does not allocate enough space for the assertion failure message string and size information, which may lead to a buffer overflow if the message string size aligns to page size. CVE-2025-03...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
AZL-61972 CVE-2025-40775 affecting package bind for versions less than 9.20.9-1
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
DEBIAN-CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775 DNS message with invalid TSIG causes an assertion failure
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775
CVE-2025-40775 affects ISC BIND 9, specifically versions 9.20.0–9.20.8 and 9.21.0–9.21.7. The root cause is an invalid value in the TSIG algorithm field in an incoming DNS message, which causes BIND to abort with an assertion failure. The impact is remote denial of service via crafted TSIGs. A fi...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
CVE-2025-40775
When an incoming DNS protocol message includes a Transaction Signature TSIG, BIND always checks it. If the TSIG contains an invalid value in the algorithm field, BIND immediately aborts with an assertion failure. This issue affects BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7...
SUSE CVE-2025-37897
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...
ISC BIND 安全漏洞
ISC BIND is an ISC open source suite of open source software that implements the DNS protocol. A security vulnerability exists in ISC BIND 9 versions 9.20.0 through 9.20.8 and 9.21.0 through 9.21.7, which stems from an invalid value in the TSIG algorithm field that could lead to an assertion...
[ASA-202505-14] bind: denial of service
Arch Linux Security Advisory ASA-202505-14 ========================================== Severity: High Date : 2025-05-21 CVE-ID : CVE-2025-40775 Package : bind Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-2881 Summary ======= The package bind before version 9.20.9...
DEBIAN-CVE-2025-37897
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...
UBUNTU-CVE-2025-37897
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...
CVE-2025-37897 wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release
In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...
CVE-2025-37897
CVE-2025-37897 affects the Linux kernel wifi driver (plfxlc) where plfxlc_mac_release() asserts mac->lock, which is incorrect because mac->lock cannot be held when probe fails or the device is disconnected. The issue can trigger a kernel warning (warning trace shown in the advisory) and is ...