20 matches found
Astra Linux - уязвимость в linux, linux-5.10
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c within the ext4 subsystem of the Linux kernel, as of version 5.13.13...
EUVD-2025-203696
In the Linux kernel, the following vulnerability has been resolved: bpf: Add bpfprogrundatapointers syzbot found that clsbpfclassify is able to change tcskbcbskb-dropreason triggering a warning in skskbreasondrop. WARNING: CPU: 0 PID: 5965 at net/core/skbuff.c:1192 skskbreasondrop...
CVE-2025-68200
CVE-2025-68200 is a Linux kernel vulnerability addressed by introducing bpf_prog_run_data_pointers() to save/restore net_sched storage that collides with BPF data_meta/data_end. The issue stemmed from cls_bpf_classify() potentially modifying tc_skb_cb(skb)->drop_reason, triggering a warning in...
bpf: Fail verification for sign-extension of packet data/data_end/data_meta
...
DEBIAN-CVE-2024-53193
In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2clkprovider Some heap space is allocated for the flexible structure struct clkhwonecelldata and its flexible-array member hws through the composite structure struct...
SUSE CVE-2024-47702
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/dataend/datameta syzbot reported a kernel crash due to commit 1f1e864b6555 "bpf: Handle sign-extenstin ctx member accesses". The reason is due to sign-extension of 32-bit...
DEBIAN-CVE-2024-47702
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/dataend/datameta syzbot reported a kernel crash due to commit 1f1e864b6555 "bpf: Handle sign-extenstin ctx member accesses". The reason is due to sign-extension of 32-bit...
UBUNTU-CVE-2024-47702
In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/dataend/datameta syzbot reported a kernel crash due to commit 1f1e864b6555 "bpf: Handle sign-extenstin ctx member accesses". The reason is due to sign-extension of 32-bit...
SUSE CVE-2024-25584
Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...
AZL-69910 CVE-2024-25584 affecting package dovecot 2.3.20-1
Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...
UBUNTU-CVE-2024-25584
Dovecot accepts dot LF DOT LF symbol as end of DATA command. RFC requires that it should always be CR LF DOT CR LF. This causes Dovecot to convert single mail with LF DOT LF in middle, into two emails when relaying to SMTP. Dovecot will split mail with LF DOT LF into two mails. Upgrade to latest...
PT-2024-21020 · Dovecot · Dovecot
Name of the Vulnerable Software and Affected Versions: Dovecot affected versions not specified Description: The issue arises because Dovecot accepts the dot LF DOT LF symbol as the end of the DATA command, whereas the RFC requires it to be CR LF DOT CR LF. This discrepancy causes Dovecot to split...
AZL-42474 CVE-2024-36891 affecting package kernel for versions less than 6.6.35.1-4
In the Linux kernel, the following vulnerability has been resolved: mapletree: fix masemptyarearev null pointer dereference Currently the code calls masstart followed by masdataend if the maple state is MASTART, but masstart may return with the maple state node == NULL. This will lead to a null...
UBUNTU-CVE-2024-36891
In the Linux kernel, the following vulnerability has been resolved: mapletree: fix masemptyarearev null pointer dereference Currently the code calls masstart followed by masdataend if the maple state is MASTART, but masstart may return with the maple state node == NULL. This will lead to a null...
kernel: race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem
A flaw was found in the Linux kernel. A race condition was discovered in the ext4 subsystem. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2022-005)
The version of kernel installed on the remote host is prior to 5.10.62-55.141. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2022-005 advisory. A flaw was found in the Linux kernel's implementation of wireless drivers using the Atheros chipsets. An...
A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
...
DEBIAN-CVE-2021-40490
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
UBUNTU-CVE-2021-40490
A race condition was discovered in ext4writeinlinedataend in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13...
mercurial: Missing check for fragment start position in mpatch.c:mpatch_apply()
The mpatchapply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004...