DEBIAN-CVE-2023-53220

In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007i2cxfer In az6007i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach az6007i2cxfer. If...

CVE-2022-50253

In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb-len == 0 when we enter devqueuexmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbuff.h:2576 skbassertlen...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check buffer lengths and incorrect use of the snprintf function, which could result in a buffer...

CVE-2025-39713 media: rainshadow-cec: fix TOCTOU race condition in rain_interrupt()

In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fix TOCTOU race condition in raininterrupt In the interrupt handler raininterrupt, the buffer full check on rain-buflen is performed before acquiring rain-buflock. This creates a Time-of-Check to Time-of-Us...

Security update for opensc

This update for opensc fixes the following issues: CVE-2023-5992: Side-channel leaks while stripping encryption PKCS1 padding bsc1219386. CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key bsc1230364. CVE-2024-45620: Incorrect handling of the length of buffers or files in...

SUSE CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

UBUNTU-CVE-2025-38680

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

CVE-2025-38680 media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

CVE-2025-38680

The CVE CVE-2025-38680 affects the Linux kernel media: uvcvideo component, where a 1-byte out-of-bounds read can occur in uvc_parse_format(). The root cause is a buffer length check that only guaranteed buf > 2, while the code accesses buffer[3], requiring at least 4 bytes. The vulnerability’s...

CVE-2025-38680 media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat The buffer length check before calling uvcparseformat only ensured that the buffer has at least 3 bytes buflen 2, buf the function accesses buffer3, requiring at...

pptp: ensure minimal skb length in pptp_xmit()

...

Libopensc: incorrect handling of the length of buffers or files in pkcs15init

...

DELL iDRAC Service Module Elevation of Privilege Vulnerability

The DELL iDRAC Service Module is a lightweight software service on Dell servers that is primarily used to enhance the functionality of iDRAC Integrated Dell Remote Control Card and improve server management efficiency by consolidating operating system information. An elevation of privilege...

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

CVE-2025-38743

Dell iDRAC Service Module (iSM)

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

CVE-2025-38743

Dell iDRAC Service Module iSM, versions prior to 6.0.3.0, contains a Buffer Access with Incorrect Length Value vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of privileges...

Dell iDRAC Service Module 安全漏洞

The DELL iDRAC Service Module is a lightweight software service on Dell servers that is primarily used to enhance the functionality of iDRAC Integrated Dell Remote Control Card and improve server management efficiency by consolidating operating system information. An elevation of privilege...