Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect assertion that mac->lock is held in the plfxlc_mac_release function, which could result in a kerne...
GNU PSPP Denial of Service Vulnerability
GNU PSPP is an application for data sampling, statistics and analysis. A denial of service vulnerability exists in GNU PSPP, which can be exploited by an attacker to cause assertion failures and application exits...
Authentication Bypass
passport-wsfed-saml2 is vulnerable to Authentication Bypass. The vulnerability is due to improper validation of the SAML assertion recipient and insecure handling of signed SAML objects, which allows attackers to reuse valid assertions to impersonate users...
SUSE CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
SUSE-SU-2025:1501-1 Security update for opensaml
This update for opensaml fixes the following issues: - CVE-2025-31335: Fixed parameter manipulation allowing forging signed SAML messages (bsc#1239889)...
Open5GS Input Validation Error Vulnerability
Open5GS is an open source implementation in C of the 5G Core and EPC, the core network of LTE/NR networks. An input validation error vulnerability exists in Open5GS v2.7.2 and earlier versions, which stems from a PFCP session parameter validation failure, and can be exploited b...
qemu-kvm: net: assertion failure in update_sctp_checksum()
A flaw was found in QEMU. An assertion failure was present in the update_sctp_checksum() function in hw/net/net_tx_pkt.c when trying to calculate the checksum of a short-sized fragmented packet. This flaw allows a malicious guest to crash QEMU and cause a denial of service condition...
RHEL 9 : qemu-kvm (RHSA-2025:4492)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:4492 advisory. Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...
TinyXML2 through 10.0.0 has a reachable assertion for UINT_MAX/digit, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef.
CVE-2025-47229
libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a denial of service (var_set_leave_quiet assertion failure and application exit) via crafted input data, such as data that triggers a call from src/data/dictionary.c code into src/data/variable.c code...
GNU PSPP Security Vulnerability
GNU PSPP is an application for data sampling, statistics and analysis. A denial of service vulnerability exists in GNU PSPP, which can be exploited by an attacker to cause assertion failures and application exits...
CVE-2025-47229
CVE-2025-47229 affects GNU PSPP (libpspp-core.a) up to version 2.0.1. The root cause is a denial-of-service condition triggered by crafted input data that causes a var_set_leave_quiet assertion failure and application exit, via a call path from src/data/dictionary.c into src/data/variable.c. Mult...
Vulnerability in the Linux kernel's media component that allows an attacker to cause a service failure
The vulnerability in the media component of the Linux kernel is related to a reachable assertion. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2022-49849
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in dev_args_match_device. syzkaller found a failed assertion: assertion failed: args->devid != (u64)-1 || args->missing, in fs/btrfs/volumes.c:6921. This can be triggered when we set devid to (u64)-1 by ioctl. I...
CVE-2022-49849 btrfs: fix match incorrectly in dev_args_match_device
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in dev_args_match_device. syzkaller found a failed assertion: assertion failed: args->devid != (u64)-1 || args->missing, in fs/btrfs/volumes.c:6921. This can be triggered when we set devid to (u64)-1 by ioctl. I...
CVE-2022-49849
CVE-2022-49849 fixes a Linux kernel flaw in the Btrfs dev_args_match_device path. When devid is set to (u64)-1 via ioctl, the match of devid may be skipped and device matching may succeed incorrectly. The issue was introduced by a patch that added the function used to match devices; the two match...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from an improper match of devid by the dev_args_match_device function in the btrfs driver, which could lead to an...
PT-2025-18566 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability has been resolved in the Linux kernel related to the btrfs file system. The issue involves a failed assertion in the dev_args_match_device function, which can be...
glibc: buffer overflow in the GNU C Library's assert()
A flaw was found in the GNU C Library (glibc). A buffer overflow condition via the assert() function may be triggered due to glibc not allocating enough space for the assertion failure message string and size information. In certain conditions, a local attacker can exploit this, potentially leading t...