2 matches found
CVE-2026-58050 libssh2 - Integer Overflow in publickey Subsystem Attribute Allocation
libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from a publickey-subsystem response and uses it in the allocation numattrs sizeoflibssh2publickeyattribute without bounds checking, so on 32-bit platforms the multiplication overflows to an undersized buffer. A malicious S...
CVE-2023-52641
CVE-2023-52641 : Linux kernel vulnerability in the ntfs3 file system driver. A NULL pointer dereference could occur at the end of attr_allocate_frame(); a patch adds NULL pointer checks and directs exit via the out: label to avoid dereference of debugging helpers. The issue is resolved by this fi...