9 matches found
JLSEC-2026-479
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip464 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an...
CVE-2025-38068
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...
CVE-2025-38068
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...
DEBIAN-CVE-2025-38068
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...
UBUNTU-CVE-2025-38068
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...
CVE-2025-38068
CVE-2025-38068: In the Linux kernel, the crypto/lzo path fixed a compression buffer overrun by adding a safe compression interface that checks the end of the output buffer before each write and using it in crypto/lzo. This corrects a prior assumption that the caller always provided sufficient buf...
CVE-2025-38068 crypto: lzo - Fix compression buffer overrun
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...
CVE-2025-38068 crypto: lzo - Fix compression buffer overrun
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: crypto: lzo – Fix for compression buffer overflows Unlike the decompression code, the compression code in LZO never checked for output overflows. Instead, it assumes that the caller always provides sufficient buffer space, withou...