178 matches found
EUVD-2017-2822
Malware in sbrugna...
EUVD-2017-5569
Malware in sbrugna...
EUVD-2017-16258
Malware in sbrugna...
EUVD-2025-9595
Malicious code in bioql PyPI...
SUSE-SU-2025:02718-2 Security update for libarchive
This update for libarchive fixes the following issues: - CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 - CVE-2025-5915: Fixed heap buffer over read in copyfromlzsswindow at archivereadsupportformatrar.c bsc1244273 -...
Security update for libarchive
This update for libarchive fixes the following issues: CVE-2025-5918: reading past EOF may be triggered for piped file streams bsc1244279 CVE-2025-5917: off by one error in buildustarentryname at archivewritesetformatpax.c bsc1244336 CVE-2025-5916: integer overflow while reading warc files at...
SUSE-SU-2025:02718-1 Security update for libarchive
This update for libarchive fixes the following issues: - CVE-2025-5914: Fixed double free due to an integer overflow in the archivereadformatrarseekdata function bsc1244272 - CVE-2025-5915: Fixed heap buffer over read in copyfromlzsswindow at archivereadsupportformatrar.c bsc1244273 -...
UBUNTU-CVE-2023-53081
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after failed write When buffered write fails to copy data into underlying page cache page, ocfs2writeendnolock just zeroes out and dirties the page. This can leave dirty page beyond EOF and if page...
Security Bulletin: Multiple security vulnerabilities have been identified in IBM® DB2® shipped with IBM PureData System for Operational Analytics
Summary IBM® DB2® is shipped as a component of IBM PureData System for Operational Analytics. Information about security vulnerabilities affecting IBM DB2 have been published in a security bulletin. Vulnerability Details CVEID:CVE-2017-12973 DESCRIPTION: Connect2id Nimbus JOSE+JWT could provide...
SUSE CVE-2025-22000
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF, folioputrefsfolio, folionrpagesfolio should be used to drop all page cache refs. Otherwise...
CVE-2025-22000
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF, folioputrefsfolio, folionrpagesfolio should be used to drop all page cache refs. Otherwise...
CVE-2025-22000
CVE-2025-22000 affects the Linux kernel. The flaw is in mm/huge_memory where, after splitting a folio for EOF, folio refs may not be fully dropped unless folio_put_refs(folio, folio_nr_pages(folio)) is used. This can cause a memory leak when the blocksize > page_size and truncation creates fol...
CVE-2025-22000
In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF, folioputrefsfolio, folionrpagesfolio should be used to drop all page cache refs. Otherwise...
PT-2025-14593 · Linux +3 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel. The problem occurs when a large folio needs to be dropped due to EOF End Of File and the correct number of references is no...
AZL-49296 CVE-2024-44947 affecting package kernel for versions less than 6.6.51.1-1
In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fusenotifystore, unlike fusedoreadpage, does not enable page zeroing because it can be used to change partial page contents. So fusenotifystore must be more carefu...
CVE-2024-44947
In the Linux kernel, the following vulnerability has been resolved: fuse: Initialize beyond-EOF page contents before setting uptodate fusenotifystore, unlike fusedoreadpage, does not enable page zeroing because it can be used to change partial page contents. So fusenotifystore must be more carefu...
OESA-2024-1961 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the...
SUSE CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
DEBIAN-CVE-2022-48827
In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix the behavior of READ near OFFSETMAX Dan Aloni reports: Due to commit 8cfb9015280d "NFS: Always provide aligned buffers to the RPC read layers" on the client, a read of 0xfff is aligned up to server rsize of 0x1000. As a...
SUSE CVE-2024-38604
In the Linux kernel, the following vulnerability has been resolved: block: refine the EOF check in blkdeviomapbegin blkdeviomapbegin rounds down the offset to the logical block size before stashing it in iomap-offset and checking that it still is inside the inode size. Check the isize check to th...