22 matches found
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.0, division by zero occurred in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign was 0, resulting in a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize, where blocksize =...
CVE-2026-46130
CVE-2026-46130 concerns the Linux kernel’s dm-verity-fec component. The root cause is an incorrect assumption about parity data layout: when reading parity bytes across blocks, parity bytes for the first RS codeword can be split across parity blocks, causing an out-of-bounds read under certain no...
CVE-2026-46130 dm-verity-fec: fix reading parity bytes split across blocks (take 3)
In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
freerdp: FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
A division by zero flaw has been discovered in FreeRDP. This division by zero exists in the MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign. The...
SUSE-SU-2026:21361-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-40253: s390/ctcm: Fix double-kfree bsc1255084. -...
UBUNTU-CVE-2026-31884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, division by zero in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign...
CVE-2026-31884
FreeRDP (Remote Desktop Protocol implementation) contains a division-by-zero vulnerability in the ADPCM decoders when nBlockAlign is 0 (CVE-2026-31884). Affects versions prior to 3.24.0; the issue arises in libfreerdp/codec/dsp.c where size % block_size is computed with block_size taken from cont...
CVE-2026-31884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, division by zero in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign...
CVE-2026-31884 FreeRDP has a division-by-zero in ADPCM decoders when `nBlockAlign` is 0
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, division by zero in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % blocksize where blocksize = context-common.format.nBlockAlign...
FreeRDP 数字错误漏洞
FreeRDP is an open-source implementation of the Remote Desktop Protocol RDP by the FreeRDP team. Versions of FreeRDP prior to 3.24.0 contained a numerical error vulnerability. This vulnerability occurred when nBlockAlign was set to 0, resulting in a zero overflow error in the MS-ADPCM and IMA-ADP...
CVE-2025-69418
A flaw was found in OpenSSL. When applications directly call the low-level CRYPTOocb128encrypt or CRYPTOocb128decrypt functions with non-block-aligned lengths in a single call on hardware-accelerated builds, the trailing 1-15 bytes of a message may be exposed in cleartext. These exposed bytes are...
CLSA-2025-1749548218 Fix of 6 CVEs
CVE-url: https://ubuntu.com/security/CVE-2024-57896 - btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount CVE-url: https://ubuntu.com/security/CVE-2024-56551 - drm/amdgpu: fix usage slab after free CVE-url: https://ubuntu.com/security/CVE-2021-47211 - ALSA: usb-audi...
UBUNTU-CVE-2024-50250
In the Linux kernel, the following vulnerability has been resolved: fsdax: daxunshareiter needs to copy entire blocks The code that copies data from srcmap to iomap in daxunshareiter is very very broken, which bfoster's recent fsx changes have exposed. If the pos and len passed to daxfileunshare...
CLSA-2024-1714065191 Fix of 9 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of...
CLSA-2024-1714065005 Fix of 9 CVEs
CVE-url: https://ubuntu.com/security/CVE-2023-1998 - x86/speculation: Allow enabling STIBP with legacy IBRS CVE-url: https://ubuntu.com/security/CVE-2021-47193 - scsi: pm80xx: Tie the interrupt name to the module instance - scsi: pm80xx: Deal with kexec reboots - scsi: pm80xx: Increase number of...