Open5GS 缓冲区错误漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain a buffer error vulnerability. This vulnerability stems from the reuse of a resource after it has been released in the...

CVE-2026-8669

Imager versions through 1.030 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The page-match...

EUVD-2026-30535

Imager::File::GIF versions through 1.002 for Perl allow a heap out of bounds OOB write on crafted multi-frame GIF files. Imager::File::GIF's ireadgifmultilow allocates a single per-row buffer GifRow sized for the GIF's global screen width 'SWidth' and reuses it across every image in the file. The...

CLSA-2026-1777886414 xorg-x11-server-Xwayland: Fix of 3 CVEs

CVE-2026-33999: fix buffer re-use in XkbSetCompatMap ELSCVE-122736 - CVE-2026-34001: fix use-after-free in miSyncTriggerFence ELSCVE-122732 - CVE-2026-34003: add bounds checking in CheckKeyTypes and companion helpers ELSCVE-122740...

CLSA-2026-1777885651 tigervnc: Fix of 3 CVEs

CVE-2026-33999: fix buffer re-use in XkbSetCompatMap ELSCVE-122668 - CVE-2026-34001: fix use-after-free in miSyncTriggerFence ELSCVE-122664 - CVE-2026-34003: add bounds checking in CheckKeyTypes and companion helpers ELSCVE-122672...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: nilfs2: A bug in markbufferdirty was fixed, as it previously caused a warning when buffers were discarded and reused. A syzbot stress test using a corrupted disk image revealed that markbufferdirty called from nilfsmark inodedirt...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013164)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013164 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a...

Race Condition

Overview org.apache.kafka:kafka-clients is a streaming platform that can publish and subscribe to streams of records, store streams of records in a fault-tolerant durable way, and process streams of records as they occur. Affected versions of this package are vulnerable to Race Condition in...

Linux Kernel Security Vulnerabilities

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the release of the DMA buffer before task access. This can lead to reusing the buffer after it ha...

Linux Distros Unpatched Vulnerability : CVE-2023-54140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from...

SUSE CVE-2023-54140

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...

EUVD-2023-60305

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...

UBUNTU-CVE-2023-54140

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...

CVE-2023-54140 nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the reuse of a discarded buffer, which could result in a kernel warning or a system crash...

Insertion of Sensitive Information Into Sent Data

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the decompression process when the output buffer is reused without being cleared. An attacker can access sensitive information from previous buffer contents by providing crafted...

Insertion of Sensitive Information Into Sent Data

Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information Into Sent Data in the decompression process when the output buffer is reused without being cleared. An attacker can access sensitive information from previous buffer contents by providing crafted...

aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Summary Incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is reused without being cleared, this may lead to disclosure of...

GHSA-VX9Q-RHV9-3JVG aircompressor Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Summary Incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is reused without being cleared, this may lead to disclosure of...

CVE-2025-67721 Aircompressor's Snappy and LZ4 Java-based decompressor implementation can leak information from reused output buffer

Aircompressor is a library with ports of the Snappy, LZO, LZ4, and Zstandard compression algorithms to Java. In versions 3.3 and below, incorrect handling of malformed data in Java-based decompressor implementations for Snappy and LZ4 allow remote attackers to read previous buffer contents via...