CVE-2026-48961

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Ring Buffer: Do not attempt to read beyond the “commit” boundary. When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There are mechanisms to detect and handle this issue, but t...

Linux Distros Unpatched Vulnerability : CVE-2026-42327

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocspresponders returns OCSP responder URLs from...

Linux Distros Unpatched Vulnerability : CVE-2026-8177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name...

Out-of-bounds read in `bytes_helper` public safe functions

The byteshelper module contains multiple public functions intoarr4, intoarr2, u8fromlebytes that use slice.getuncheckedpos..pos + N without verifying that pos + N = slice.len. These are public safe API functions, allowing any caller to trigger undefined behavior by passing invalid positions. For...

EUVD-2026-15378

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests an alignment of 4 bytes sizeofu32 for the JIT buffer. Because the ba...

CVE-2025-62291

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

UBUNTU-CVE-2025-39806

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...

CVE-2025-39704 LoongArch: KVM: Fix stack protector issue in send_ipi_data()

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix stack protector issue in sendipidata Function kvmiobusread is called in function sendipidata, buffer size of parameter val should be at least 8 bytes. Since some emulation functions like loongarchipireadl and...

DEBIAN-CVE-2025-38495

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account f...

UBUNTU-CVE-2025-38495

In the Linux kernel, the following vulnerability has been resolved: HID: core: ensure the allocated report buffer can contain the reserved report ID When the report ID is not used, the low level transport drivers expect the first byte to be 0. However, currently the allocated buffer not account f...

DEBIAN-CVE-2022-49271

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent bad output lengths in smb2ioctlqueryinfo When calling smb2ioctlqueryinfo with smbqueryinfo::flags=PASSTHRUFSCTL and smbqueryinfo::outputbufferlength=0, the following would return 0x10 buffer = memdupuserarg +...

The vulnerability of the async_free_space() function in the Linux kernel’s binder component, which allows a hacker to disclose protected information

The vulnerability of the asyncfreespace function in the Linux kernel’s binder component is related to a potential data leak of up to 8 bytes during each asynchronous transaction that is 8 bytes or less in size. Exploiting this vulnerability could allow an attacker to disclose sensitive informatio...

The kstring integration in gix-attributes is unsound

gix-attributes in state::ValueRef unsafely creates a &str from a &u8 containing non-UTF8 data, with the justification that so long as nothing reads the &str and relies on it being UTF-8 in the &str, there is no UB: rust // SAFETY: our API makes accessing that value as str impossible, so illformed...

DEBIAN-CVE-2024-26889

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fix possible buffer overflow struct hcidevinfo has a fixed size name8 field so in the event that hdev-name is bigger than that strcpy would attempt to write past its size, so this fixes this problem by switchi...

UBUNTU-CVE-2023-52501

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt to read past "commit" When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There's barriers to help detect this and handle it, but that code missed th...

CVE-2021-45941

libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow 8 bytes in bpfobjectopen called from bpfobjectopenmem and bpf-object-fuzzer.c...

PT-2021-8194 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to a function in the Linux kernel's amdgpu driver, specifically the validate bksv function in the hdcp1 execution.c module. This function is vulnerable to a buffer...

DEBIAN-CVE-2020-11047

In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetectrecvbandwidthmeasureresults. A malicious server can extract up to 8 bytes of client memory with a manipulated message by providing a short input and reading the measurement result data. This has been patched in 2.0...

linux/x86 iptables -F 58 bytes

No description provided by source. / The shellcode flushs the iptables by running /sbin/iptables -F no exit greetz to zilion: man, my code is shorter! size = 58 bytes OS = Linux i386 written by /rootteam/dev0id www.sysworld.net BITS 32 jmp short callme main: pop esi xor eax,eax mov byte esi+14,al...