CVE-2025-38592

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

Amazon Linux 2 : opensc (ALAS-2024-2709)

The version of opensc installed on the remote host is prior to 0.19.0-6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2709 advisory. It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and...

Low: opensc

Issue Overview: It is caused by the libopensc library in opensc porject. This vulnerability affects how the buffer data is handled and partially filled buffers can be accessed incorrectly when a specially crafted response to APDUs in a USB device or a smart card. CVE-2024-45615 It is caused by th...

CVE-2024-53058 net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: TSO: Fix unbalanced DMA map/unmap for non-paged SKB data In case the non-paged data of a SKB carries protocol header and protocol payload to be transmitted on a certain platform that the DMA AXI address width is...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of unbalanced DMA mapping or unmapping of non-page SKB data...

AZL-48804 CVE-2024-45619 affecting package opensc for versions less than 0.23.0-5

A vulnerability was found in OpenSC, OpenSC tools, PKCS11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer...

UBUNTU-CVE-2023-52701

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb-mark syzbot found arm64 builds would crash in sockrecvmark when CONFIGHARDENEDUSERCOPY=y x86 and powerpc are not detecting the issue because they define useraccessbegin. This will be handl...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1202)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1202 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

RHEL 7 : qemu-kvm-rhev (RHSA-2019:1199)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1199 advisory. KVM Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provi...

Out-of-bounds Read

FreeRDP is vulnerable to Out-of-bounds Read. The vulnerability is caused due to inadequate bounds checking when reading data from a buffer.This allows an attacker to access or manipulate data outside its intended range, potentially leading to unauthorized information disclosure...

LibRaw: stack buffer overflow in LibRaw_buffer_datastream::gets() in src/libraw_datastream.cpp

A flaw was found in the LibRaw package. A stack buffer overflow in the LibRawbufferdatastream::gets function in src/librawdatastream.cpp caused by a maliciously crafted file may result in compromised confidentiality and integrity and an application crash...

CVE-2023-6660

When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever...

OpenHarmony 安全漏洞

OpenHarmony is a kind of hongmeng operating system open source project. A security vulnerability exists prior to OpenHarmony version v3.2.2, which can be exploited by an attacker to obtain sensitive buffer information by using uninitialized resources...

F5 Networks BIG-IP : Microarchitectural Fill Buffer Data Sampling (MFBDS) (K80159635)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K80159635 advisory. - Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative...

F5 Networks BIG-IP : Microarchitectural Store Buffer Data Sampling (MSBDS) (K52370164)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K52370164 advisory. - Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative...

Oracle Linux 5 : kernel (ELSA-2019-4702)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4702 advisory. - x86/speculation/mds: Conditionally clear CPU buffers on idle entry Thomas Gleixner orabug 29821515 CVE-2018-12126 CVE-2018-12130 CVE-2018-12127...

CVE-2023-40217

CVE-2023-40217 affects Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. The issue occurs mainly in TLS client-auth scenarios on servers (e.g., HTTP servers). If a TLS server-side SSLSocket is created, data is read into the socket buffer and the socket is...

K80159635: Microarchitectural Fill Buffer Data Sampling (MFBDS) CVE-2018-12130

Security Advisory Description Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2018-12130 Impact MDS...

K52370164: Microarchitectural Store Buffer Data Sampling (MSBDS) CVE-2018-12126

Security Advisory Description Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access.CVE-2018-12126 Impact MDS...