19 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: sched: Fixed schednumafindnthcpu when the mask is offline. schednumafindnthcpu uses bsearch to find the “closest” CPU in scheddomainsnumamasks, given a CPU mask. However, the CPUs in the mask might not intersect if all CPUs in...
CVE-2025-22124
CVE-2025-22124 affects the Linux kernel md/md-bitmap logic used by clustermd. The root cause was an incorrect bitmap_limit calculation for per-node write-intent bitmaps, which could result in 0-size writes to the 4k SB area for a node and cause hangs during mdadm/clustermd tests. The remediation ...
DEBIAN-CVE-2024-46787
In the Linux kernel, the following vulnerability has been resolved: userfaultfd: fix checks for huge PMDs Patch series "userfaultfd: fix races around pmdtranshuge check", v2. The pmdtranshuge code in mfillatomic is wrong in three different ways depending on kernel version: 1. The pmdtranshuge che...
Moderate: Red Hat Security Advisory: libreswan security and bug fix update
An update for libreswan is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Important: nodejs security and bug fix update
Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security Fixes: nodejs: Permissions policies can be bypassed via Module.load CVE-2023-32002 nodejs: Permissions policies can impersonate other modules in using...
arduinojson:json_fuzzer: Use-of-uninitialized-value in void ArduinoJsonNUMBER_71::Utf8::encodeCodepoint<ArduinoJsonNUMBER_71::StringCop
Project: https://github.com/bblanchon/ArduinoJson.git Detailed Report: https://oss-fuzz.com/testcase?key=5127643834613760 Project: arduinojson Fuzzing Engine: libFuzzer Fuzz Target: jsonfuzzer Job Type: libfuzzermsanarduinojson Platform Id: linux Crash Type: Use-of-uninitialized-value Crash...
open62541:fuzz_json_decode: Stack-use-after-scope in strtoll
Project: https://github.com/open62541/open62541.git Detailed Report: https://oss-fuzz.com/testcase?key=4628081611636736 Project: open62541 Fuzzing Engine: afl Fuzz Target: fuzzjsondecode Job Type: aflasanopen62541 Platform Id: linux Crash Type: Stack-use-after-scope WRITE 8 Crash Address:...
go-dns:fuzz_msg_unpack: Crash with empty stacktrace
Detailed Report: https://oss-fuzz.com/testcase?key=5674594752266240 Project: go-dns Fuzzing Engine: libFuzzer Fuzz Target: fuzzmsgunpack Job Type: libfuzzerasango-dns Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x00000003ee72 Crash State: NULL Sanitizer: address ASAN Recommended...
open62541:fuzz_binary_message: Crash in UA_Server_initNS0
Project: https://github.com/open62541/open62541.git Detailed Report: https://oss-fuzz.com/testcase?key=5751655076462592 Project: open62541 Fuzzing Engine: libFuzzer Fuzz Target: fuzzbinarymessage Job Type: libfuzzerasanopen62541 Platform Id: linux Crash Type: UNKNOWN READ Crash Address:...
libkkc-data bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Important: Red Hat Security Advisory: systemd security and bug fix update
An update for systemd is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
wget2/wget_options_fuzzer: Heap-buffer-overflow in _iri_unescape_inline
Project: https://gitlab.com/gnuwget/wget2.git Detailed report: https://oss-fuzz.com/testcase?key=5668230217072640 Project: wget2 Fuzzer: libFuzzerwget2wgetoptionsfuzzer Fuzz target binary: wgetoptionsfuzzer Job Type: libfuzzerasanwget2 Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...
CVE-2018-20167
Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...
mupdf/pdf_fuzzer: Use-of-uninitialized-value in fz_maxi
Project: git://git.ghostscript.com/mupdf.git Detailed report: https://oss-fuzz.com/testcase?key=4803533114179584 Project: mupdf Fuzzer: libFuzzermupdfpdffuzzer Fuzz target binary: pdffuzzer Job Type: libfuzzermsanmupdf Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash...
chakra: Crash in Js::InterpreterStackFrame::DoLoopBodyStart
Project: https://github.com/Microsoft/ChakraCore.git Detailed report: https://oss-fuzz.com/testcase?key=5378660243603456 Project: chakra Fuzzer: jsfuzzer Job Type: asanchakra Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0xfffffffffffffffd Crash State:...
Important: Red Hat Security Advisory: httpd security and bug fix update
An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Moderate: Red Hat Security Advisory: python-keystoneclient security and bug fix update
Updated python-keystoneclient packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux OpenStack Platform 5.0 for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring...
CentOS Update for kernel CESA-2007:1049 centos3 i386
Check for the Version of kernel OpenVAS Vulnerability Test CentOS Update for kernel CESA-2007:1049 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...
kernel security and bug fix update
2.6.9-67.0.20.0.1.EL - fix skb alignment that was causing sendto to fail with EFAULT Olaf Kirch orabug 6845794 - fix entropy flag in bnx2 driver to generate entropy pool John Sobecki orabug 5931647 - fix enomem due to larger mtu size page alloc Zach Brown orabug 5486128 - fix percpu api bugon wit...