CVE-2025-39766 net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from cakeenqueue not returning NETXMITCN correctly when bufferlimit is exceeded, which could lead to an error...

BIT-LIBPHP-2025-1861 Stream HTTP wrapper truncates redirect location to 1024 bytes

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

The vulnerability of the netfs_retry_write_stream() function in the fs/netfs/write_retry.c module of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the netfsretrywritestream function in the fs/netfs/writeretry.c module of the Linux operating system is related to the violation of the buffer’s initial limit. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2022-50221 drm/fb-helper: Fix out-of-bounds access

In the Linux kernel, the following vulnerability has been resolved: drm/fb-helper: Fix out-of-bounds access Clip memory range to screen-buffer size to avoid out-of-bounds access in fbdev deferred I/O's damage handling. Fbdev's deferred I/O can only track pages. From the range of pages, the damage...

Important: redis6

Issue Overview: Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not...

CVE-2025-21605 Redis DoS Vulnerability due to unlimited growth of output buffers abused by unauthenticated client

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

CVE-2025-21605

Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the outpu...

DEBIAN-CVE-2025-22058

In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasionally spiked to 524,288...

PT-2025-16699 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the Linux kernel's UDP implementation, where multiple wraparounds of sk-sk rmem alloc can occur. This happens when sk-sk rcvbuf is set to a large value, such as...

AZL-60343 CVE-2025-21905 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

DEBIAN-CVE-2025-1861

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

AZL-59330 CVE-2025-1861 affecting package php for versions less than 8.3.19-1

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

CVE-2025-1861

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

CVE-2025-1861

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

SUSE CVE-2025-1861

In PHP from 8.1. before 8.1.32, from 8.2. before 8.2.28, from 8.3. before 8.3.19, from 8.4. before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC911...

CVE-2022-49564

CVE-2022-49564 : Linux kernel crypto qat flaw where DH parameter handling could underflow. The fix rejects requests when the source buffer is larger than the key, preventing an underflow when copying the source scatterlist into a linear buffer. Documents/refs show the fix being incorporated in ke...

CVE-2022-49292 ALSA: oss: Fix PCM OSS buffer allocation overflow

In the Linux kernel, the following vulnerability has been resolved: ALSA: oss: Fix PCM OSS buffer allocation overflow We've got syzbot reports hitting INTMAX overflow at vmalloc allocation that is called from sndpcmplugalloc. Although we apply the restrictions to input parameters, it's based only...

DEBIAN-CVE-2024-50288

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix buffer overwrite when using 32 buffers The maximum number of buffers that can be requested was increased to 64 for the video capture queue. But video capture used a mustblank array that was still sized for 32...

The vulnerability of the MMS multimedia library protocol in FFmpeg, related to reading data beyond the buffer’s allowed limits, allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the MMS protocol in the FFmpeg multimedia library relates to reading data beyond the allowed buffer limits. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...