Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: can: mcan: mcanreadfifo,echotxevent: The shift timestamp is now set to 32 bits. In commit 1be37d3b0414 “can: mcan: fix periph RX path: use rx-offload to ensure that packets are sent from the softirq context”, the RX path for...

PT-2025-49638

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the accel/qaic component related to integer overflow checking within the map user pages function. The encode dma function previously had validation on...

CVE-2022-50623

In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The "hdr.count sizeofs32" multiplication can overflow on 32 bit systems leading to memory corruption. Use arraysize to fix that...

EUVD-2025-28256

Malicious code in bioql PyPI...

CVE-2021-4460 drm/amdkfd: Fix UBSAN shift-out-of-bounds warning

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix UBSAN shift-out-of-bounds warning If getnumsdmaqueues or getnumxgmisdmaqueues is 0, we end up doing a shift operation where the number of bits shifted equals number of bits in the operand. This behaviour is...

CVE-2025-39815 RISC-V: KVM: fix stack overrun when loading vlenb

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: fix stack overrun when loading vlenb The userspace load can put up to 2048 bits into an xlen bit stack buffer. We want only xlen bits, so check the size beforehand...

CVE-2025-48756

In groupnumber in the scsir crate 0.2.0 for Rust, there can be an overflow because a hardware device may expect a small number of bits e.g., 5 bits for group number...

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation in the United States. A security vulnerability exists in Rust that stems from a possible overflow in groupnumber, where a hardware device may expect a small number of bits to be used to represent a group number...

UBUNTU-CVE-2025-21667

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomapwritedelallocscan was inadvertently using a 32-bit position due to folionextindex returning an unsigned long. This could lead to an infinite loop when...

DEBIAN-CVE-2024-56656

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X P7 chip's HW GRO/LRO interface is very similar to that of the previous generation 5750X or P5. However, the aggregation ID fields in the completion structur...

CVE-2024-53161 EDAC/bluefield: Fix potential integer overflow

In the Linux kernel, the following vulnerability has been resolved: EDAC/bluefield: Fix potential integer overflow The 64-bit argument for the "get DIMM info" SMC call consists of memctrlidx left-shifted 16 bits and OR-ed with DIMM index. With memctrlidx defined as 32-bits wide the left-shift...

SUSE CVE-2024-36948

In the Linux kernel, the following vulnerability has been resolved: drm/xe/xemigrate: Cast to output precision before multiplying operands Addressing potential overflow in result of multiplication of two lower precision u32 operands before widening it to higher precision u64. -v2 Fix commit messa...

DEBIAN-CVE-2024-35995

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...

CVE-2024-35995

CVE-2024-35995 describes a Linux kernel issue where the ACPI CPPC code misread system memory by relying on bit_width, risking incorrect memory access. The fix switches to using access_width for size calculation and reads/writes using an offset and width, with a fallback to bit_width if access_wid...

CVE-2024-35995 ACPI: CPPC: Use access_width over bit_width for system memory accesses

In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Use accesswidth over bitwidth for system memory accesses To align with ACPI 6.3+, since bitwidth can be any 8-bit value, it cannot be depended on to be always on a clean 8b boundary. This was uncovered on the Cobalt 1...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of bitwidth for system memory accesses, resulting in a kernel panic...

UBUNTU-CVE-2021-47044

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix shift-out-of-bounds in loadbalance Syzbot reported a handful of occurrences where an sd-nrbalancefailed can grow to much higher values than one would expect. A successful loadbalance resets it to 0; a failed one...

Mozilla: Heap buffer overflow when using structured clone

The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...

ALPINE-CVE-2018-5709

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable "dbentry-nkeydata" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect...

2019-11 Preview of Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 and Server 2008 R2 for x64 (KB4524741)

2019-11 Preview of Quality Rollup for .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 7 and Server 2008 R2 for x64 KB4524741...