SUSE CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990397)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990397 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-401671)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-401671 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported ...

kernel: TIPC message reassembly use-after-free remote code execution vulnerability

A use-after-free UAF flaw exists in the Linux Kernel within the reassembly of fragmented TIPC messages, specifically in the tipcbufappend function. The issue results due to a lack of checks in the error handling cleanup and can trigger a UAF on "struct skbuff", which may lead to remote code...

SUSE CVE-2024-36954

In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...

DEBIAN-CVE-2024-36954

In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...

DEBIAN-CVE-2024-36886

In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...

UBUNTU-CVE-2024-36886

In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page sam4k working with Trend Micro Zero Day Initiative reported a UAF in the tipcbufappend error path: BUG: KASAN: slab-use-after-free in kfreeskblistreason+0x47e/0x4c0 linux/net/core/skbuff.c:118...

UBUNTU-CVE-2024-36954

In the Linux kernel, the following vulnerability has been resolved: tipc: fix a possible memleak in tipcbufappend skblinearize doesn't free the skb when it fails, so move 'buf = NULL' after skblinearize, so that the skb can be freed on the err path...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which originates from a possible memory leak in the tipc module tipcbufappend...

SUSE CVE-2003-0693

A "buffer management error" in bufferappendspace of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695...

OSV-2021-955 Stack-buffer-overflow in Buffer_AppendIndentUnchecked

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36009 Crash type: Stack-buffer-overflow WRITE 1 Crash state: BufferAppendIndentUnchecked encode encode...

ruby: Integer overflows in rb_str_buf_append()

Multiple integer overflows in the rbstrbufappend function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that...