Lucene search
+L

141 matches found

cvelist
cvelist
added 2026/06/18 6:0 p.m.24 views

CVE-2026-55392 NILFS utilities - Undefined Behavior and Out-of-Memory via Unvalidated s_log_block_size

NILFS utilities through 2.3.0, fixed in commit 26efb5d, nilfssbisvalid function fails to validate slogblocksize field in NILFS2 superblock before bit-shift operations. Attackers supplying crafted NILFS2 images trigger undefined behavior through oversized shifts or out-of-memory conditions, crashi...

6.7CVSS0.00105EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: lib/fonts: Fixed undefined behavior in bit shifting for getdefaultfont. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning “calltrace” is as follow...

5.5CVSS6.4AI score0.00147EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerabilities have been resolved: capabilities: Defined behavior in bit shifting for CAPTOMASK was fixed. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning during call tracing is a...

7.1CVSS6.4AI score0.0019EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fixed an undefined behavior in bit shifting for mdiobusregister. Shifting a signed 32-bit value by 31 bits is undefined; therefore, the significant bit was changed to unsigned. The UBSAN warning appears as follows:...

7.8CVSS6.1AI score0.00196EPSS
Exploits0References2
nessus
nessus
added 2026/05/20 12:0 a.m.7 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021623 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References4
nessus
nessus
added 2026/05/11 12:0 a.m.9 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017620)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017620 advisory. A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined...

4.3CVSS6.7AI score0.01114EPSS
Exploits1References4
alpinelinux
alpinelinux
added 2026/05/07 4:4 a.m.8 views

CVE-2026-42217

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, readVariableLengthInteger decodes a variable-length integer fro...

9.8CVSS5.8AI score0.00393EPSS
Exploits1
nessus
nessus
added 2026/04/21 12:0 a.m.7 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010856)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010856 advisory. In the Linux kernel, the following vulnerability has been resolved: lib/fonts: fix undefined behavior in bit shift for getdefaultfont Shifting signed 32-bit value by...

5.5CVSS5.8AI score0.00147EPSS
Exploits0References4
osv
osv
added 2026/04/10 11:16 a.m.4 views

DEBIAN-CVE-2026-31412

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmassstorage: Fix potential integer overflow in checkcommandsizeinblocks The checkcommandsizeinblocks function calculates the data size in bytes by left shifting common-datasizefromcmnd by the block size...

5.5CVSS5.7AI score0.0017EPSS
Exploits0References1
astralinux
astralinux
added 2026/01/27 5:1 a.m.5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & board-irqbits However, it-optionsi is an unchecked int value from userspace, so the shift amount...

7.1CVSS6.2AI score0.00164EPSS
Exploits0References3
astralinux
astralinux
added 2026/01/27 5:1 a.m.4 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: comedi: aioiiro16: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: c if 1 options1 & 0xdcfc However, it-optionsi is an unchecked int value from the user space, so the shift amount...

7.1CVSS6.2AI score0.00164EPSS
Exploits0References3
osv
osv
added 2026/01/20 8:9 a.m.19 views

CLSA-2026-1768110920 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...

7.8CVSS6AI score0.21314EPSS
Exploits0References1
nessus
nessus
added 2026/01/15 12:0 a.m.14 views

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1091)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : net: drop UFO packets in udprcvsegmentCVE-2025-38622 A transient execution vulnerability in some AMD processors may allow an attacker to infer dat...

7.8CVSS7.3AI score0.00331EPSS
Exploits2References110
nessus
nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993042)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993042 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value b...

7.8CVSS6AI score0.00196EPSS
Exploits0References4
nessus
nessus
added 2025/12/31 12:0 a.m.8 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993217)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993217 advisory. In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 3...

7.1CVSS6AI score0.0019EPSS
Exploits0References4
redhat
redhat
added 2025/12/22 5:42 p.m.12 views

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

7.3AI score
Exploits0References5
redhat
redhat
added 2025/12/22 5:4 p.m.7 views

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

7.3AI score
Exploits0References5
redhat
redhat
added 2025/12/22 5:4 p.m.7 views

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

7.8CVSS7.1AI score0.00206EPSS
Exploits0References12
redhat
redhat
added 2025/12/17 7:48 a.m.4 views

kernel: ext4: fix undefined behavior in bit shift for ext4_check_flag_values

A vulnerability was identified in the Linux kernel's ext4 filesystem implementation due to a flaw in how it processes filesystem metadata. An attacker with local privileges could create a malicious ext4 filesystem image to trigger this issue. When the system attempts to mount this malicious image...

7.3AI score
Exploits0References5
nessus
nessus
added 2025/12/11 12:0 a.m.19 views

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2025-2464)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: qla2xxx: Fix warning message due to adisc being flushedCVE-2022-49158 scsi: qla2xxx: Implement ref count for SRBCVE-2022-49159 tcp: add...

7.8CVSS7.2AI score0.00358EPSS
Exploits3References85
Rows per page
Query Builder