15 matches found
PT-2026-37493
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A problem exists in the XFS filesystem component where the xfs attr leaf hasname function has a problematic calling convention. The function may return a NULL buffer if xfs attr3 leaf re...
CVE-2026-23235
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix out-of-bounds access in sysfs attribute read/write Some f2fs sysfs attributes suffer from out-of-bounds memory access and incorrect handling of integer values whose size is not 4 bytes. For example: vm: echo 65537...
VulnCheck KEV: CVE-2017-10986
An FR-GV-303 issue in FreeRADIUS 3.x before 3.0.15 allows "DHCP - Infinite read in dhcpattr2vp" and a denial of service...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414326)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414326 advisory. In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfsattrfind in fs/ntfs/attrib.c. Tenable has extracted the preceding description block directly from th...
AZL-53679 CVE-2024-50198 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the inilluminanceperiodavailableshow function references the device embedded in the IIO device, not in the i2c...
AZL-53564 CVE-2024-50198 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the inilluminanceperiodavailableshow function references the device embedded in the IIO device, not in the i2c...
CVE-2024-50198 iio: light: veml6030: fix IIO device retrieval from embedded device
In the Linux kernel, the following vulnerability has been resolved: iio: light: veml6030: fix IIO device retrieval from embedded device The dev pointer that is received as an argument in the inilluminanceperiodavailableshow function references the device embedded in the IIO device, not in the i2c...
USN-6966-2 firefox regressions
USN-6966-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...
OESA-2023-1178 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In bindertransactionbufferrelease of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
SUSE CVE-2017-6307
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...
ntfs-3g: Heap buffer overflow in ntfs_attr_pread_i() triggered by specially crafted NTFS attributes
The ntfs3g package is susceptible to a heap overflow on crafted input. When processing NTFS attributes, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...
UBUNTU-CVE-2021-33287
In NTFS-3G versions 2021.8.22, when specially crafted NTFS attributes are read in the function ntfsattrpreadi, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application...
libfsntfs information disclosure vulnerability (CNVD-2018-16497)
libfsntfs is a library for accessing the New Technology File System NTFS. An information disclosure vulnerability exists in the libfsntfsattributereadfrommft function in the libfsntfsattribute.c file in libfsntfs 2018-04-20 and earlier. An attacker can exploit this vulnerability to obtain...
UBUNTU-CVE-2017-6307
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...
tnef 'src/mapi_attr.c:mapi_attr_read()' function denial of service vulnerability
tnef is a set of programs for decompressing MIME attachments. A security vulnerability in the 'src/mapiattr.c:mapiattrread' function of tnef allows an attacker to conduct a denial of service attack by submitting a special file that triggers invalid read and write operations...