Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: EFI: Do not map the entire mokvar table to determine its size. Currently, when validating the mokvar table, we re-map the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows to ...

Astra Linux - уязвимость в zziplib

A issue was discovered in the function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which may lead to a denial-of-service...

CVE-2025-21872

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

CVE-2025-21872 efi: Don't map the entire mokvar table to determine its size

In the Linux kernel, the following vulnerability has been resolved: efi: Don't map the entire mokvar table to determine its size Currently, when validating the mokvar table, we remap the entire table on each iteration of the loop, adding space as we discover new entries. If the table grows over a...

CVE-2025-21872

CVE-2025-21872 – Linux kernel (EFI/MOKVAR handling) : The vulnerability arises from how the kernel validates the EFI MOKvar table. In older code, the mokvar table was fully remapped on each iteration to determine its size, which could fail if the table grew large due to early_memmap limitations, ...

zziplib: invalid memory access at zzip_disk_entry_to_file_header in mmapped.c

An invalid memory access flaw was found in the mmapped.c file's zzipdiskentrytofileheader function in Zziplib. This issue could allow an attacker to entice a victim into opening a specially crafted file, leading to a denial of service...

OESA-2023-1816 zziplib security update

The zziplib is a lightweight library to easily extract data from zip files. Applications can bundle files into a single zip archive and access them. The implementation is based only on the free subset of compression with the zlib algorithm which is actually used by the zip/unzip tools. Security...

SUSE CVE-2020-18770

An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service...

DEBIAN-CVE-2020-18770

An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service...

UBUNTU-CVE-2020-18770

An issue was discovered in function zzipdiskentrytofileheader in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. In the function zzipdiskentrytofileheader located in the mmapped.c file. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users...

ZZIPlib 安全漏洞

ZZIPlib is a compressed document extraction library. A security vulnerability exists in ZZIPlib version 0.13.69, which stems from an issue found in the function zzipdiskentrytofileheader in mmapped.c that will result in a denial of service...

SUSE CVE-2018-11729

The libfsntfsmftentryreadheader function in libfsntfsmftentry.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure heap-based buffer over-read via a crafted ntfs file. NOTE: the vendor has disputed this as described in libyal/libfsntfs issue 8 on GitHub...

DEBIAN-CVE-2012-1459

The TAR file parser in AhnLab V3 Internet Security 2011.01.18.00, Avira AntiVir 7.11.1.163, Antiy Labs AVL SDK 2.0.3.7, avast! Antivirus 4.8.1351.0 and 5.0.677.0, AVG Anti-Virus 10.0.0.1190, Bitdefender 7.2, Quick Heal aka Cat QuickHeal 11.00, ClamAV 0.96.4, Command Antivirus 5.2.11.5, Comodo...

FreeBSD : tiff -- directory entry count integer overflow vulnerability (fc7e6a42-6012-11d9-a9e7-0001020eed82)

In an iDEFENSE Security Advisory infamous41md reports : Remote exploitation of a heap-based buffer overflow vulnerability within the LibTIFF package could allow attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient validation of user-supplied data when...