109 matches found
GHSA-W567-GJR2-HM5J MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length
Summary UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining payload bytes. The outer extension header is bounded by available input, b...
CVE-2026-48514
MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...
CVE-2026-48514 MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length
MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...
CVE-2026-48514 MessagePack-CSharp: Unity unsafe blit formatter allocates from unbounded byte length
MessagePack for C is a MessagePack serializer for C. Prior to 2.5.301 and 3.1.7, UnsafeBlitFormatterBase.Deserialize reads an attacker-controlled byteLength from an extension payload and allocates an array based on that value before validating it against the extension header length or remaining...
Astra Linux – Vulnerability in libsdl2
SDL Simple DirectMedia Layer version 2.0.12 has a heap-based buffer over-read issue in the function Blit3or4to3or4inversedrgb in the file video/SDLblitN.c, caused by a malicious .BMP file...
Astra Linux – Vulnerability in virglrenderer
A out-of-bounds read in the vrendblitneedswizzle function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGLCCMDBLIT commands...
Astra Linux – Vulnerability in libsdl2
SDL Simple DirectMediaLayer from version 2.0.12 has an integer overflow issue, which leads to heap corruption when using SDLBlitCopy in the video/SDLblitcopy.c file, due to a specially crafted .BMP file...
JLSEC-2026-363
SDL Simple DirectMedia Layer through 2.0.12 has a heap-based buffer over-read in Blit3or4to3or4inversedrgb in video/SDLblitN.c via a crafted .BMP file...
JLSEC-2026-362
SDL Simple DirectMedia Layer through 2.0.12 has an Integer Overflow and resultant SDLmemcpy heap corruption in SDLBlitCopy in video/SDLblitcopy.c via a crafted .BMP file...
CVE-2025-40322
In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...
EUVD-2019-5342
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-38685
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number an...
CVE-2025-38685
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
AZL-66794 CVE-2025-38685 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
DEBIAN-CVE-2025-38685
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
UBUNTU-CVE-2025-38685
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
CVE-2025-38685 fbdev: Fix vmalloc out-of-bounds write in fast_imageblit
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
Linux Distros Unpatched Vulnerability : CVE-2019-13616
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDLblitN.c when called from SDLSoftBlit...
Linux Distros Unpatched Vulnerability : CVE-2020-26971
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firef...
CVE-2019-14087
Failure in buffer management while accessing handle for HDR blit when color modes not supported by display in Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, QCS605...