CVE-2026-45999 erofs: fix unsigned underflow in z_erofs_lz4_handle_overlap()

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed scheduling issues during atomic decompression operations 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0...

GHSA-G7F3-828F-7H7M Authlib : JWE zip=DEF decompression bomb enables DoS

Summary Authlib’s JWE zip=DEF path performs unbounded DEFLATE decompression. A very small ciphertext can expand into tens or hundreds of megabytes on decrypt, allowing an attacker who can supply decryptable tokens to exhaust memory and CPU and cause denial of service. Details - Affected component...

EUVD-2023-59822

Malicious code in bioql PyPI...

SUSE CVE-2023-53262

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

DEBIAN-CVE-2023-53262

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

CVE-2023-53262

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

UBUNTU-CVE-2023-53262

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

CVE-2023-53262 f2fs: fix scheduling while atomic in decompression path

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

CVE-2023-53262

Mode C: Affected software/issue details: CVE-2023-53262 concerns the Linux kernel with f2fs: fix scheduling while atomic in decompression path. The connected sources describe a root cause in the decompression path related to scheduling during atomic operations, evidenced by a long call trace endi...

CVE-2023-53262 f2fs: fix scheduling while atomic in decompression path

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix scheduling while atomic in decompression path 16.945668 C0 Call trace: 16.945678 C0 dumpbacktrace+0x110/0x204 16.945706 C0 dumpstacklvl+0x84/0xbc 16.945735 C0 schedulebug+0xb8/0x1ac 16.945756 C0 schedule+0x724/0xbdc...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from an atomic scheduling problem in the decompression path...

PT-2025-37703

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was discovered in the Linux kernel related to scheduling during atomic operations within the decompression path of the f2fs filesystem. The issue involves potential scheduling...

CVE-2025-0332 Progress UI for WinForms decompression path traversal vulnerability

In Progress® Telerik® UI for WinForms, versions prior to 2025 Q1 2025.1.211, using the improper limitation of a target path can lead to decompressing an archive's content into a restricted directory...

DEBIAN-CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVE-2020-14104

A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM version =1.0.50...

CVE-2020-14104

CVE-2020-14104 concerns a race condition in the XQBACKUP component of the Xiaomi router AX3600 running ROM 1.0.50, causing a decompression path error. The issue is documented across multiple sources as affecting the AX3600 with ROM 1.0.50, and it originates from a race condition in XQBACKUP. The ...

Xiaomi Xiaomi router AX3600 竞争条件问题漏洞

Xiaomi router AX3600 is a router from China-based Xiaomi. A security vulnerability exists in the Xiaomi router AX3600 ROM version 1.0.50, which originates from a decompression path error...

phpcms latest vulnerability that! Background direct upload SHELL vulnerability to upload arbitrary files-the vulnerability warning-the black bar safety net

Author: y0u By law the guest Forum Today doing PHPCMS enterprise's basic template, stumbled upon the PHPCMS a direct upload arbitrary file vulnerability. Click on the module business template Management Add corporate template. Then add a ZIP compression package. ZIP archive inside a PHP Trojan,...