18 matches found
CVE-2025-40046
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
CVE-2025-40046
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
UBUNTU-CVE-2025-40046
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
CVE-2025-40046
CVE-2025-40046 concerns the Linux kernel: io_uring/zcrx may overshoot the recv limit because io_zcrx_recv_skb() double-counted desc->count when processing frag lists, leading to receiving more data than requested and underflow during recursive frag-list handling. The available connected docume...
EUVD-2025-36482
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
CVE-2025-40046 io_uring/zcrx: fix overshooting recv limit
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
CVE-2025-40046 io_uring/zcrx: fix overshooting recv limit
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...
PT-2025-44114
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s io uring/zcrx functionality where a zcrx request can sometimes receive more data than requested. This occurs because the io zcrx recv skb function...
UBUNTU-CVE-2025-38298
In the Linux kernel, the following vulnerability has been resolved: EDAC/skxcommon: Fix general protection fault After loading i10nmedac which automatically loads skxedaccommon, if unload only i10nmedac, then reload it and perform error injection testing, a general protection fault may occur: mce...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a btrfsrundelallocrange failure that could lead to double counting contention...
SUSE CVE-2024-42316
In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressurecalclevel evictfolios uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since foliorotatereclaimable cannot handl...
DEBIAN-CVE-2024-42316
In the Linux kernel, the following vulnerability has been resolved: mm/mglru: fix div-by-zero in vmpressurecalclevel evictfolios uses a second pass to reclaim folios that have gone through page writeback and become clean before it finishes the first pass, since foliorotatereclaimable cannot handl...
Time-weighted liquidity accounting assumes consecutive activity; double counting possible, needs validation.
Lines of code Vulnerability details Impact Time-weighted liquidity accounting in accrueConcentratedPositionTimeWeightedLiquidity and similar functions assumes ticks were active consecutively between entry/exit timestamps. However, a tick could exit and re-enter in the same week, leading to double...
Asymmetric level of transaction validation between L1 side and L2.
Lines of code Vulnerability details Impact May have double counting of deposits? Proof of Concept On L1 side, there are validations that ensure funds don't get lost nor double counted. For example, finalizeWithdrawal may be called multiple times by allowed callers in case previous calls fail...
Voting Power double count when the pledge.receiver delegates to their own pledge.
Lines of code Vulnerability details Impact When a pledge is created via the createPledge function, the pledge creator is allowed to select the receiver address which will receive the boost delegation. Additionally, targetVotes parametr is selected which is the maximum target of votes the receiver...
NonCustodialPSM.mint double counts mint buffer depletion and GlobalRateLimitedMinter.mintVolt allows for minting in excess of the global mint buffer limit
Lines of code ttps://github.com/code-423n4/2022-03-volt/blob/main/contracts/utils/MultiRateLimited.solL333 Vulnerability details Impact Currently mint buffer control usage is incorrect, leading to either absence of mint speed control or to extensive control with amount partial double counting. Mi...
Fee double counting for underwater positions
Handle hyh Vulnerability details Impact Actual available fees are less than recorded. That's because a part of them corresponds to underwater positions, and will not have the correct amount stored with the contract: when calculation happens the fee is recorded first, then there is a check for...
The function addToken does not check if the token was already added
Handle hrkrshnn Vulnerability details addToken does not check if the token was already added The function addToken does not check if the token was already present. function addToken address vault, address token external override notHalted onlyStrategist requireallowedTokenstoken, "!allowedTokens"...