Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004126)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004126 advisory. A memory leak in the kernelreadfile function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service memory consumption by...

Heap Buffer Overflow

libyara.so is vulnerable to heap-based buffer overflow. The vulnerability exists because it does not properly manage memory in exec.c, which allows an attacker to parse a crafted compiled rule file, causing an application crash...

SUSE CVE-2014-10071

In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the "& fd" syntax...

CVE-2020-25085

QEMU 5.0.0 has a heap-based Buffer Overflow in flatviewreadcontinue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHCBLKSIZE case...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service. A NULL pointer dereference in addressspacemap in exec.c allows an attacker to crash the application...

CVE-2020-13659

addressspacemap in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer...

Null pointer dereference

addressspacemap in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer...

CVE-2020-13659

CVE-2020-13659 affects QEMU 4.2.0: address_space_map in exec.c can trigger a NULL pointer dereference related to BounceBuffer. Impact is low (partial availability, local access). Remediation across connected sources includes upgrading QEMU to newer releases where fixes are shipped (e.g., Debian s...

CVE-2020-13659

addressspacemap in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer...

Denial Of Service (DoS)

kernel is vulnerable to denial of service. Memory leak in the kernelreadfile function in fs/exec.c allows an attacker to cause a denial of service...

CVE-2019-8980

CVE-2019-8980 is a memory-leak DoS in the Linux kernel (kernel_read_file in fs/exec.c) affecting up to version 4.20.11. Attackers could trigger vfs_read failures to exhaust memory. The connected documents provide the vulnerability description but do not specify a confirmed fixed/patch version or ...

YARA libyara/exec.c File Information Disclosure Vulnerability

YARA is a set of tools used to help software researchers identify and categorize malware samples. A security vulnerability exists in the libyara/exec.c file in YARA version 3.8.1. An attacker could exploit this vulnerability to obtain environment information...

Design/Logic Flaw

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OPCOUNT can read a DWORD...

UBUNTU-CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

CVE-2018-19974

CVE-2018-19974 affects YARA 3.8.1, where bytecode in a specially crafted compiled rule can read uninitialized data from the VM scratch memory in libyara/exec.c, potentially revealing addresses from the real stack. The vulnerability is confined to the YARA runtime and arises from reading uninitial...

CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack not the YARA virtual stack...

PT-2018-15181

Name of the Vulnerable Software and Affected Versions YARA version 3.8.1 Description The issue allows bytecode in a specially crafted compiled rule to read data from any arbitrary address in memory. This is specifically related to OP COUNT, which can read a DWORD. The problem is located in...

YARA Buffer Overflow Vulnerability

YARA is a set of tools used to help software researchers identify and categorize malware samples. A security vulnerability exists in the 'yrexecutecode' function of the libyara/exec.c file in YARA. The vulnerability can be exploited by an attacker to execute code out-of-bounds writing with the he...

CVE-2018-12034

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yrexecutecode in libyara/exec.c...

CVE-2018-12035

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yrexecutecode in libyara/exec.c...