CVE-2025-68217 Input: pegasus-notetaker - fix potential out-of-bounds access

In the Linux kernel, the following vulnerability has been resolved: Input: pegasus-notetaker - fix potential out-of-bounds access In the pegasusnotetaker driver, the pegasusprobe function allocates the URB transfer buffer using the wMaxPacketSize value from the endpoint descriptor. An attacker ca...

DEBIAN-CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

CVE-2023-53768

CVE-2023-53768 concerns the Linux kernel regmap-irq code: during regmap_add_irq_chip_fwnode() the 2D matrix for IRQ type registers is allocated incorrectly, resulting in out-of-bounds memory writes when num_config_regs exceeds num_config_bases. The root cause is that the inner allocations were pe...

CVE-2023-53768

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmapaddirqchipfwnode, the intent is to allocate a matrix with numconfigbases rows and...

CVE-2023-53768 regmap-irq: Fix out-of-bounds access when allocating config buffers

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmapaddirqchipfwnode, the intent is to allocate a matrix with numconfigbases rows and...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gstreamer1 (UTSA-2025-988621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988621 advisory. GStreamer is a library for constructing graphs of media-handling components. An integer underflow has been detected in the function qtdemuxparsetheoraextension withi...

Node.js: Timeout-based race conditions make Uint8Array/Buffer.alloc non-zerofilled

A flaw in Node.js's buffer allocation logic was discovered, where buffers allocated with Buffer.alloc and other TypedArray instances like Uint8Array may contain leftover data from previous operations under specific timing conditions...

UBUNTU-CVE-2025-10923

GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

CVE-2025-10924 GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability

GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

CVE-2025-10924

CVE-2025-10924 affects GIMP FF file parsing and is an integer overflow vulnerability that can lead to remote code execution when a user opens a malicious FF file. Multiple vendor advisories (openSUSE/SUSE, MiracleLinux, Alibaba Cloud Linux, etc.) reference this CVE among a set of GIMP file-parsin...

CVE-2025-10923

CVE-2025-10923 : GIMP WBMP File Parsing Integer Overflow Remote Code Execution vulnerability. The flaw arises from insufficient validation during WBMP parsing, causing an overflow when allocating a buffer and enabling code execution in the current process. Exploitation requires the target to visi...

CVE-2025-10923

GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

EUVD-2025-36475

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

Oracle VirtualBox VMSVGA Integer Underflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VMSVGA...

CVE-2025-47354

Memory corruption while allocating buffers in DSP service...

CVE-2025-47354

Memory corruption while allocating buffers in DSP service...

EUVD-2025-33235

Memory corruption while allocating buffers in DSP service...

CVE-2025-47354 Use After Free in DSP Service

Memory corruption while allocating buffers in DSP service...

CVE-2025-47354

CVE-2025-47354 is described across multiple sources as a memory corruption issue in the DSP service related to buffer allocation on Qualcomm chipsets ( Qualcomm kernel component ). Several enrichment entries label the flaw as a Use After Free in the DSP service; Red Hat/NVD entries repeat the mem...

CVE-2025-47354 Use After Free in DSP Service

Memory corruption while allocating buffers in DSP service...