82 matches found
EUVD-2019-2348
Malware in sbrugna...
EUVD-2020-3658
Malware in sbrugna...
EUVD-2018-3341
Malware in sbrugna...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-387783)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-387783 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25c...
EUVD-2024-53759
Malicious code in bioql PyPI...
SUSE CVE-2025-38680
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...
UBUNTU-CVE-2025-38680
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...
CVE-2025-38680
The CVE CVE-2025-38680 affects the Linux kernel media: uvcvideo component, where a 1-byte out-of-bounds read can occur in uvc_parse_format(). The root cause is a buffer length check that only guaranteed buf > 2, while the code accesses buffer[3], requiring at least 4 bytes. The vulnerability’s...
CVE-2025-38680 media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...
DEBIAN-CVE-2023-4130
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2setea There are multiple smb2eainfo buffers in FILEFULLEAINFORMATION request from client. ksmbd find next smb2eainfo using -NextEntryOffset of current smb2eainfo. ksmbd...
UBUNTU-CVE-2023-4130
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2setea There are multiple smb2eainfo buffers in FILEFULLEAINFORMATION request from client. ksmbd find next smb2eainfo using -NextEntryOffset of current smb2eainfo. ksmbd...
CVE-2023-4130
CVE-2023-4130 : In the Linux kernel’s ksmbd SMB2 handling, there is a vulnerability due to wrong next length validation of the ea buffer in smb2_set_ea(). When multiple smb2_ea_info buffers are in FILE_FULL_EA_INFORMATION, ksmbd iterates using NextEntryOffset and validates only with that offset i...
CVE-2023-4130 ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2setea There are multiple smb2eainfo buffers in FILEFULLEAINFORMATION request from client. ksmbd find next smb2eainfo using -NextEntryOffset of current smb2eainfo. ksmbd...
CVE-2025-38413
In the Linux kernel, the following vulnerability has been resolved: virtio-net: xsk: rx: fix the frame's length check When calling buftoxdp, the len argument is the frame data's length without virtio header's length vi-hdrlen. We check that len with xskpoolgetrxframesize + vi-hdrlen to ensure the...
CVE-2025-38375
CVE-2025-38375: In the Linux kernel, virtio-net could trigger an out-of-bounds read due to not validating the received length against the allocated size when reading buffers from the ring in xdp_linearize_page. The fix adds the missing length check. Affected entries in Debian/Amazon/RH advisories...
UBUNTU-CVE-2025-38249
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 In sndusbgetaudioformatuac3, the length value returned from sndusbctlmsg is used directly for memory allocation without validation. This length is controlled by...
Medium: libcublas-12-9
Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...
Medium: cuda-toolkit-12
Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...
Medium: cuda-nsight-12-9
Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...
Medium: cuda-nvprune-12-9
Issue Overview: NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this...