libheif 缓冲区错误漏洞

LibHEIF is a open-source decoder and encoder for the ISO/IEC 23008-12:2017 HEIF file format developed by Struktur. Versions of LibHEIF prior to 1.21.2 contain a buffer error vulnerability. This vulnerability arises from the fact that the number of samples declared in the saiz frame exceeds the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986359)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986359 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK...

CVE-2021-34947

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVE-2021-34947

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...

CVE-2021-34947

The CVE-2021-34947 entry describes a NETGEAR R7800 net-cgi Out-of-Bounds Write Remote Code Execution vulnerability. The flaw is in parsing of the soap_block_table, caused by insufficient validation of user-supplied data, allowing a write past the end of an allocated structure. This enables networ...

CVE-2021-47055

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...

CVE-2021-47055

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...

CVE-2021-47055

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...

CVE-2021-47055 mtd: require write permissions for locking and badblock ioctls

In the Linux kernel, the following vulnerability has been resolved: mtd: require write permissions for locking and badblock ioctls MEMLOCK, MEMUNLOCK and OTPLOCK modify protection bits. Thus require write permission. Depending on the hardware MEMLOCK might even be write-once, e.g. for SPI-NOR...

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

Sensitive Information Disclosure

Xen is vulnerable to Sensitive Information Disclosure. Linux block table does not zero memory regions before sharing with the backend, leading to information disclosure. Additionally, the grant table only shares 4k pages, leading to unrelated data from different backends residing in the same page...

The vulnerability of the embedded software of NETGEAR R6700AX, NETGEAR R7800, NETGEAR R8900, NETGEAR R9000, NETGEAR RAX10, NETGEAR RAX120, NETGEAR RAX120v2, NETGEAR RAX70, NETGEAR RAX78, and NETGEAR XR700 lies in the ability to write data beyond the buffer, allowing an attacker to execute arbitrary code.

The vulnerability of the embedded software of NETGEAR R6700AX, NETGEAR R7800, NETGEAR R8900, NETGEAR R9000, NETGEAR RAX10, NETGEAR RAX120, NETGEAR RAX120v2, NETGEAR RAX70, NETGEAR RAX78, and NETGEAR XR700 lies in the fact that data is written beyond the buffer during syntax analysis of the...

NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of the soapblocktable file. The issue results from the lack ...

PT-2024-11145 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns the requirement of write permissions for locking and badblock ioctls in the Linux kernel. Specifically, MEMLOCK, MEMUNLOCK, and OTPLOCK modify protection bits and th...