NanaZip 缓冲区错误漏洞

NanaZip is a compression software open-source by the M2-Team. Versions of NanaZip from 5.0.1252.0 to 6.0.1698.0 contained a buffer error vulnerability. This vulnerability stemmed from the BitmapSize field in the ZealFS file system image resolver, where an attacker-controlled BitmapSize field led ...

PT-2026-40360

NanaZip is an open source file archive. From 5.0.1252.0 to before 6.0.1698.0, a stack-based out-of-bounds read exists in the ZealFS filesystem image parser in NanaZip. The vulnerability is triggered when opening a crafted ZealFS v1 filesystem image. An attacker-controlled BitmapSize field in the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for dm-raid10, lvextend + lvchange --syncaction will trigger following softlockup: kernel:watchdog: BUG: soft lockup - CPU3 stuck for 26s!...

EUVD-2026-17235

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

CVE-2026-33987

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38218)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38218 advisory. - In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000655)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000655 advisory. The NFSv4 implementation in the Linux kernel before 3.2.2 does not properly handle bitmap sizes in GETACL replies, which allows remote NFS servers to cause a denial ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003381)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003381 advisory. An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.14. A denial of service out-of- bounds memory access and BUG can occur upon encountering an...

Siemens SIMATIC Devices Improper Locking (CVE-2024-38598)

In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

EUVD-2018-5045

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986284)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986284 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix resync softlockup when bitmap size is less than array size Is is reported that for...

EUVD-2022-30314

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of byte units to manage the size of bitmaps, which could lead to out-of-bounds memory access...

f2fs: fix to do sanity check on sit_bitmap_size

...

AZL-64677 CVE-2025-38218 affecting package kernel for versions less than 6.6.96.1-1

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sitbitmapsize w/ below testcase, resize will generate a corrupted image which contains inconsistent metadata, so when mounting such image, it will trigger kernel panic: touch img truncate -s...

CVE-2025-38218

CVE-2025-38218 affects the Linux kernel’s F2FS file system. The vulnerability stems from a faulty sanity check on sit_bitmap_size that can lead to an out-of-bounds access in sit_bitmap when resizing an image, causing a kernel panic during mount. The root cause described is sit_i->bitmap_size b...

CVE-2025-38218

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on sitbitmapsize w/ below testcase, resize will generate a corrupted image which contains inconsistent metadata, so when mounting such image, it will trigger kernel panic: touch img truncate -s...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from memory corruption due to unverified sitbitmapsize...

CVE-2022-49710

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

UBUNTU-CVE-2022-49710

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: round up region bitmap size to BITSPERLONG The code in dm-log rounds up bitsetsize to 32 bits. It then uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...