426 matches found
UBUNTU-CVE-2025-47183
In GStreamer through 1.26.1, the isomp4 plugin's qtdemuxparsetree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure...
ALSA: pcm: Fix race of buffer access at PCM OSS layer
...
Buffer Access with Incorrect Length Value
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Buffer Access with Incorrect Length Value via the MessageQueue class in the bundled Python backend. An attacker could...
Buffer Access with Incorrect Length Value
Overview nvidia-pytriton is a PyTriton - Flask/FastAPI-like interface to simplify Triton's deployment in Python environments. Affected versions of this package are vulnerable to Buffer Access with Incorrect Length Value via the MessageQueueShm class in the bundled Python backend. An attacker coul...
CBL Mariner 2.0 Security Update: opensc (CVE-2024-45619)
The version of opensc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45619 advisory. - A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use...
CVE-2025-43580
Audition versions 25.2, 24.6.3 and earlier are affected by an Access of Memory Location After End of Buffer vulnerability that could result in application denial-of-service. An attacker could leverage this vulnerability to crash the application or disrupt its functionality. Exploitation of this...
CVE-2025-38086
In the Linux kernel, the following vulnerability has been resolved: net: ch9200: fix uninitialised access during miinwayrestart In miinwayrestart the code attempts to call mii-mdioread which is ch9200mdioread. ch9200mdioread utilises a local buffer called "buff", which is initialised with...
CVE-2025-38078
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...
OESA-2025-1662 wireshark security update
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. Security Fixes: A...
OESA-2025-1661 wireshark security update
Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. Security Fixes: A...
SUSE CVE-2025-38078
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...
CVE-2025-38078
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...
CVE-2025-38061
In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgenthreadwrite Honour the user given buffer size for the strnlen calls otherwise strnlen will access memory outside of the user given buffer...
AZL-63995 CVE-2025-38061 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgenthreadwrite Honour the user given buffer size for the strnlen calls otherwise strnlen will access memory outside of the user given buffer...
CVE-2025-38078
CVE-2025-38078 affects the Linux kernel ALSA PCM OSS path. A race in buffer-clearing during initialization/reconfiguration could access a potentially freed runtime->dma_area, risking a use-after-free. The mitigation moved the silence-buffer operation into the PCM core and synchronized it under...
CVE-2025-38078 ALSA: pcm: Fix race of buffer access at PCM OSS layer
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...
CVE-2025-38078
In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer with the silence data at initialization or reconfiguration of a stream with the explicit call of sndpcmformatsetsilence with...
CVE-2025-38061 net: pktgen: fix access outside of user given buffer in pktgen_thread_write()
In the Linux kernel, the following vulnerability has been resolved: net: pktgen: fix access outside of user given buffer in pktgenthreadwrite Honour the user given buffer size for the strnlen calls otherwise strnlen will access memory outside of the user given buffer...
Important: kernel-livepatch-4.14.355-276.639
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect access to buffers with no active references CVE-2025-21811 Affected Packages: kernel-livepatch-4.14.355-276.639 Issue Correction: Please ensure you have live patching enabled. Run yum update...
SUSE-SU-2025:01569-1 Security update for libraw
This update for libraw fixes the following issues: - CVE-2025-43961: Fixed out-of-bounds read in the Fujifilm 0xf00c tag parser in metadata/tiff.cpp bsc1241643 - CVE-2025-43962: Fixed out-of-bounds read when tag 0x412 processing in phaseonecorrect function bsc1241585 - CVE-2025-43963: Fixed...