Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011173)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011173 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007349)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007349 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005781)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005781 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies cou...

EUVD-2014-9438

Malware in sbrugna...

SUSE CVE-2022-50440

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox...

UBUNTU-CVE-2022-50440

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox...

CVE-2022-50440

The CVE-2022-50440 issue in the Linux kernel affects the drm/vmwgfx subsystem. It describes a check that could fail to validate the box size when snooped cursor data is copied from a DMA surface, potentially overflowing memcpy and causing crashes. The fix is to validate the dimensions of the copy...

CVE-2021-32132

The abstboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service NULL pointer dereference via a crafted file in the MP4Box command...

GHSA-M5QC-5HW7-8VG7 image-size Denial of Service via Infinite Loop during Image Processing

Summary image-size is vulnerable to a Denial of Service vulnerability when processing specially crafted images. The issue occurs because of an infine loop in findBox when processing certain images with a box with size 0. Details If the first bytes of the input does not match any bytes in...

CLSA-2024-1726651745 kernel: Fix of 4 CVEs

drm/vmwgfx: Validate the box size for the snooped cursor CVE-2022-36280 - USB: eneusb6250: Allocate enough memory for full object CVE-2023-45862 - Bluetooth: L2CAP: Fix attempting to access uninitialized memory CVE-2022-42895 - stm class: Fix a double free in stmregisterdevice CVE-2024-38627...

SUSE CVE-2013-0800

Integer signedness error in the pixmanfillsse2 function in pixman-sse2.c in Pixman, as distributed with Cairo and used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows...

SUSE CVE-2014-9627

The MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large bo...

SUSE CVE-2014-9626

Integer underflow in the MP4ReadBoxString function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7...

PT-2023-33525 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.18 Description: The issue is related to the validation of the box size for the snooped cursor in the drm/vmwgfx component. The actual impact and attack plausibility have not yet been proven. Recommendations...

DEBIAN-CVE-2021-40607

The schmboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...

Command injection

The schmboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...

UBUNTU-CVE-2021-40607

The schmboxsize function in GPAC 1.0.1 allows attackers to cause a denial of service via a crafted file in the MP4Box command...

GPAC 安全漏洞

GPAC is an open source multimedia framework. A security vulnerability exists in GPAC version 1.0.1, which originates from the schmboxsize function. An attacker can exploit this vulnerability to cause a denial of service via a specially crafted file in the MP4Box command...

The vulnerability of the trak_box_size function in the MP4Box command of the GPAC multimedia platform allows a perpetrator to cause a service failure.

The vulnerability of the trakboxsize function in the MP4Box multimedia platform’s command set is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

GPAC 代码问题漏洞

GPAC is an open source multimedia framework. GPAC has a denial of service vulnerability in version 1.0.1, which stems from the existence of a pointer dereference in the software's gfisomboxsize function, which could be exploited by an attacker to cause a denial of service...