Azure Linux 3.0 Security Update: kernel (CVE-2024-36967)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36967 advisory. - In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak in...

OSV-2026-97 Heap-buffer-overflow in vpx_wb_write_literal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476466137 Crash type: Heap-buffer-overflow WRITE 1 Crash state: vpxwbwriteliteral vp9packbitstream encodeframetodatarate...

MiracleLinux 8 : firefox-102.8.0-2.el8.ML.1 (AXSA:2023-5141:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-5141:10 advisory. Mozilla: Arbitrary memory write via PKCS 12 in NSS CVE-2023-0767 Mozilla: Content security policy leak in violation reports using iframes...

MiracleLinux 8 : python39:3.9 and python39-devel:3.9 (AXSA:2024-8498:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8498:01 advisory. python39:3.9/python39: python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python39:3.9/python39: python: The zipfile module is...

MiracleLinux 8 : krb5-1.18.2-8.el8 (AXSA:2021-1843:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1843:01 advisory. krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1encode.c may lead to DoS CVE-2020-28196 Tenable has extracted the...

MiracleLinux 9 : apr-1.7.0-12.el9_3 (AXSA:2023-7043:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7043:05 advisory. apr: integer overflow/wraparound in aprencode CVE-2022-24963 Tenable has extracted the preceding description block directly from the MiracleLinux security...

SUSE CVE-2025-56226

Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...

MiracleLinux 7 : python-idna-2.4-1.0.1.el7.AXS7 (AXSA:2025-11498:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-11498:01 advisory. CVE-2024-3651: more efficient resolution of joiner contexts in idna library to avoid quadratic complexity that leads to a DoS condition CVEs: CVE-2024-3651 ...

CVE-2022-42518

In BroadcastSmsConfigsRequestData::encode of smsdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

EUVD-2022-55812

In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...

CVE-2022-50749

In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...

CVE-2022-50749

In the Linux kernel, the following vulnerability has been resolved: acct: fix potential integer overflow in encodecompt The integer overflow is descripted with following codes: 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 return exp; 344 Current...

CVE-2022-50749

CVE-2022-50749 relates to the Linux kernel where an integer overflow could occur in encode_comp_t(). The function computes a value for comp_t, which is defined as a 16-bit type (__u16), while a local variable exp is an int. If exp becomes greater than 65535, an overflow happens on line 343 return...

EUVD-2025-203711

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...

CVE-2025-68185

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: insufficient locking for -dparent-dinode dereferencing Theoretically it's an oopsable race, but I don't believe one can manage to hit it on real hardware; might become doable on a KVM, but it still won't be easy...

Linux Distros Unpatched Vulnerability : CVE-2023-53778

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move...

EUVD-2023-60128

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...

CVE-2023-53778

The CVE-2023-53778 entry concerns the Linux kernel, specifically the accel/qaic path and DMA mapping logic. The described fix relocates and clarifies overflow checks in map_user_pages() and encode_dma(): a remaining variable replaces previous size checks, and a new condition checks if in_trans-&g...

CVE-2023-53778 accel/qaic: Clean up integer overflow checking in map_user_pages()

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...

PT-2025-49638

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the accel/qaic component related to integer overflow checking within the map user pages function. The encode dma function previously had validation on...