UBUNTU-CVE-2023-53144
In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...
CVE-2023-53144 erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms
In the Linux kernel, the following vulnerability has been resolved: erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms As the call trace shown, the root cause is kunmap incorrect pages: BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted...
PT-2025-18908 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.2.0-rc5 Description: A bug in the Linux kernel has been resolved, related to the erofs filesystem when using LZMA compression on HIGHMEM platforms. The issue causes a kernel NULL pointer dereference due to...
CVE-2025-27611
base-x is a base encoder and decoder of any given alphabet using bitcoin style leading zero compression. Versions 4.0.0, 5.0.0, and all prior to 3.0.11, are vulnerable to attackers potentially deceiving users into sending funds to an unintended address. This issue has been patched in versions...
CVE-2025-27611
CVE-2025-27611 is a base-x homograph attack affecting the base-x base encoder/decoder. The shared issue, present in versions 4.0.0, 5.0.0, and all prior to 3.0.11, can allow Unicode lookalike characters to bypass validation, potentially deceiving users into sending funds to an unintended address....
PT-2025-18320 · Base-X · Base-X
Name of the Vulnerable Software and Affected Versions: base-x versions prior to 3.0.11 base-x version 4.0.0 base-x version 5.0.0 Description: The issue allows attackers to potentially deceive users into sending funds to an unintended address. This is achieved through a problem in the base-x encod...
Token-Efficient Prompt Injection Attack: Provoking Cessation in LLM Reasoning Via Adaptive Token Compression
While reasoning large language models (LLMs) demonstrate remarkable performance across various tasks, they also contain notable security vulnerabilities. Recent research has uncovered a "thinking-stopped" vulnerability in DeepSeek-R1, where model-generated reasoning tokens can forcibly interrupt th...
[SECURITY] Fedora 42 Update: xz-5.8.1-2.fc42
XZ Utils are an attempt to make LZMA compression easy to use on free (as in freedom) operating systems. This is achieved by providing tools and libraries which are similar to use than the equivalents of the most popular existing compression algorithms. LZMA is a general purpose compression algorith...
SUSE CVE-2025-22127
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in prepare_compress_overwrite() Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel 6.14.0-rc3, 6.12 I encountered a problem in generic/475 test where fsstres...
[SECURITY] Fedora 42 Update: rust-zip-2.6.1-1.fc42
Library to support the reading and writing of zip files...
DEBIAN-CVE-2022-47112
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected...
CVE-2025-22127
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in prepare_compress_overwrite() Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel 6.14.0-rc3, 6.12 I encountered a problem in generic/475 test where fsstres...
DEBIAN-CVE-2025-22127
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in prepare_compress_overwrite() Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel 6.14.0-rc3, 6.12 I encountered a problem in generic/475 test where fsstres...
CVE-2025-22127
CVE-2025-22127 affects the Linux kernel F2FS. The issue could cause a kernel hang when a compressed file system operation triggers IO errors during load of the error table to a dm device, while f2fs_write_data_pages holds the writepages lock. Root cause described: IO error looping in f2fs_prepare...
CVE-2025-22127 f2fs: fix potential deadloop in prepare_compress_overwrite()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential deadloop in prepare_compress_overwrite() Jan Prusakowski reported a kernel hang issue as below: When running xfstests on linux-next kernel 6.14.0-rc3, 6.12 I encountered a problem in generic/475 test where fsstres...
[SECURITY] Fedora 42 Update: openvpn-2.6.14-1.fc42
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
[SECURITY] Fedora 42 Update: upx-5.0.0-1.fc42
UPX is a free, portable, extendable, high-performance executable packer for several different executable formats. It achieves an excellent compression ratio and offers very fast decompression. Your executables suffer no memory overhead or other drawbacks...
[SECURITY] Fedora 40 Update: openvpn-2.6.14-1.fc40
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for...
delve and golang security update
delve 1.24.1-2.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.24.1-2 - Fix 3 test failures - Resolves: RHEL-83939 - Resolves: RHEL-83958 - Resolves: RHEL-7373 1.24.1-1 - Rebase to Delve 1.24.1 - Resolves: RHEL-64445 golang 1.23.6-2 - Fix runtime usleep issue on s390x...
The vulnerability of the command-line tool of the Zstandard data compression library, related to uncontrolled resource consumption, allows a hacker to cause a service failure.
The vulnerability of the command-line tool of the Zstandard data compression library is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures...