29 matches found
SUSE CVE-2026-31707
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...
CVE-2026-31707
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...
CVE-2026-31707
The CVE-2026-31707 issue affects the Linux kernel ksmbd component. The overflow vulnerability in ipc_validate_msg() arises from arithmetic on attacker-controlled fields when computing per-response message sizes, allowing wraparound in three cases (RPC_REQUEST, SHARE_CONFIG_REQUEST, LOGIN_REQUEST_...
CVE-2026-31707 ksmbd: validate response sizes in ipc_validate_msg()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...
EUVD-2026-26516
In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate response sizes in ipcvalidatemsg ipcvalidatemsg computes the expected message size for each response type by adding or multiplying attacker-controlled fields from the daemon response to a fixed struct size in...
PT-2026-36337
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow exists in the ipc validate msg function within the ksmbd module. The function calculates the expected message size for response types by performing unsigned integer...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs The driver, through the SAS transport, exposes a sysfs interface to enable/disable PHYs in a controller/expander setup. When multiple PHYs are disabled and...
EUVD-2015-5357
Malware in sbrugna...
The vulnerability of the Linux operating system’s Bluetooth kernel component, which allows a hacker to gain elevated privileges within the system
The vulnerability of the Linux operating system’s Bluetooth kernel component is related to the use of memory after it is freed in the l2capconfigreq function. Exploiting this vulnerability can allow an attacker to increase their privileges within the system...
SUSE CVE-2024-57804
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix corrupt config pages PHY state is switched in sysfs The driver, through the SAS transport, exposes a sysfs interface to enable/disable PHYs in a controller/expander setup. When multiple PHYs are disabled and...
kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAPCONFREQ packets. This flaw allows a local or bluetooth connection user to crash the system...
kernel: integer overflow in l2cap_config_req() in net/bluetooth/l2cap_core.c
An integer overflow flaw was found in the Linux kernel’s L2CAP bluetooth functionality in how a user generates malicious L2CAPCONFREQ packets. This flaw allows a local or bluetooth connection user to crash the system...
OESA-2022-2134 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: An issue was discovered in the Linux kernel through 6.0.10. l2capconfigreq in net/bluetooth/l2capcore.c has an integer wraparound via L2CAPCONFREQ packets.CVE-2022-45934 There are null-ptr-deref vulnerabilities in drivers/net/sli...
CVE-2019-14746
A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-10657
Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 devices allow remote authenticated users to discover passwords via a /ubus/uci.apply config request...
PT-2019-11970 · Grandstream · Grandstream Gwn7000 +1
Name of the Vulnerable Software and Affected Versions: Grandstream GWN7000 versions prior to 1.0.6.32 Grandstream GWN7610 versions prior to 1.0.8.18 Description: The issue allows remote authenticated users to discover passwords via a "/ubus/uci.apply" config request. This could potentially lead t...
CVE-2019-7720
taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
CVE-2019-6442
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to configremotely in ntpconfig.c, yyparse in ntpparser.tab.c, and yyerror in ntpparser.y...
CVE-2019-6442
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to configremotely in ntpconfig.c, yyparse in ntpparser.tab.c, and yyerror in ntpparser.y...
DEBIAN-CVE-2019-6442
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to configremotely in ntpconfig.c, yyparse in ntpparser.tab.c, and yyerror in ntpparser.y...