108 matches found
CVE-2025-47400
Cryptographic issue while copying data to a destination buffer without validating its size...
EUVD-2025-209231
Cryptographic issue while copying data to a destination buffer without validating its size...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. CVE-2026-23533: improper validation can lead to heap buffer overflow in cleardecompressresidualdata...
SUSE-SU-2026:0761-1 Security update for freerdp
This update for freerdp fixes the following issues: - CVE-2026-22855: heap-buffer-overflow in smartcardunpacksetattribcall bsc1256721. - CVE-2026-22857: heap-use-after-free in irpthreadfunc bsc1256723. - CVE-2026-23533: improper validation can lead to heap buffer overflow in...
CVE-2025-71070
A reference count leak flaw was found in the Linux kernel's ublk userspace block driver subsystem. When a ublk server process exits while requests are still pending, the reference counts for those requests are not properly decremented. This leads to WARNONONCE warnings and could potentially allow...
SUSE CVE-2025-71070
In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...
CVE-2025-71070
In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...
UBUNTU-CVE-2025-71070
In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...
CVE-2025-71070 ublk: clean up user copy references on ublk server exit
In the Linux kernel, the following vulnerability has been resolved: ublk: clean up user copy references on ublk server exit If a ublk server process releases a ublk char device file, any requests dispatched to the ublk server but not yet completed will retain a ref value of UBLKREFCOUNTINIT. Befo...
PT-2026-2591
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s ublk subsystem related to reference counting of user copy operations. Specifically, when a ublk server process releases a ublk character device file,...
CVE-2017-18411
The "addon domain conversion" feature in cPanel before 67.9999.103 can copy all MySQL databases to the new account SEC-285...
CVE-2023-43525
Memory corruption while copying the sound model data from user to kernel buffer during sound model register...
EUVD-2022-55920
In the Linux kernel, the following vulnerability has been resolved: usb: musb: Fix musbgadget.c rxstate overflow bug The usb function device call musbgadgetqueue adds the passed request to musbep::reqlist,If the request-length musbep-packetsz and isbuffermappedreq return false,the rxstate will co...
CVE-2023-54286
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the...
CVE-2023-53582
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace in...
UBUNTU-CVE-2023-53582
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strreplace in...
CVE-2025-38662
In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8365-dai-i2s: pass correct size to mt8365daisetpriv Given mt8365daisetpriv allocate privsize space to copy privdata which means we should pass mt8365i2sprivi or "struct mtkafei2spriv" instead of afepriv which ha...
SUSE CVE-2020-26241
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where vulnerable nodes reject the canonical chain. Geth's pre-compiled dataCopy at 0x00...04 contract di...
xorg-x11-server: Out-of-bounds write in XIChangeDeviceProperty/RRChangeOutputProperty
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing f...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: scsi: ufs: core: bsg: Fixed a crash that occurs when the arpmb command fails. If the device does not support arpmb, a crash will occur due to the copying of user data in bsgtransportsgiofn. In cases where...