52 matches found
CVE-2026-15028
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...
CVE-2026-15028
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...
CVE-2026-15028
In libarchive, CVE-2026-15028 describes a heap overflow triggered while parsing a tar archive’s PAX extended header with a malformed SUN.holesdata sparse-file attribute. The vulnerability is exploitable remotely to cause DoS or potentially arbitrary code execution on affected systems. The root ca...
CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...
CVE-2026-15028 Libarchive: heap overflow oob read while parsing a tar archive contains a pax extended header
A flaw was found in libarchive. This vulnerability allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue occurs during the parsing of a PAX extended header containing a malformed SUN.holesdata sparse-file attribute. Successful exploitation cou...
PT-2026-57143
Name of the Vulnerable Software and Affected Versions libarchive affected versions not specified Description A flaw in the parsing of a PAX extended header allows a remote attacker to trigger a heap overflow by providing a specially crafted tar archive. The issue specifically occurs when processi...
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the parsing process of a tar archive containing a PAX extended header with a malformed SUN.holesdata sparse-file attribute. An attacker can cause a heap overflow and out-of-bounds read by supplying a...
kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
fs: init flags_valid before calling vfs_fileattr_get
...
CVE-2026-43474
In the Linux kernel, the following vulnerability has been resolved: fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the "get" context where the kernel's internal filekattr structure is initialized before calling vfsfileattrget, we should use t...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that flagsvalid was not initialized before calling vfsfileattrget, potentially leading t...
PT-2026-39135
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An uninitialized value bug exists where flags valid is not initialized before the vfs fileattr get function is called. This issue occurs because the fa variable is not handled with the...
Linux Distros Unpatched Vulnerability : CVE-2026-43474
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs: init flagsvalid before calling vfsfileattrget syzbot reported a uninit-value bug in 1. Similar to the get context where the kernel's internal filekattr...
CVE-2026-32147
Technical details about affected products/versions and remediation are not provided in the supplied documents; monitor for updates.
CVE-2025-68772
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid updating compression context during writeback Bai, Shuangpeng reported a bug as below: Oops: divide error: 0000 1 SMP KASAN PTI CPU: 0 UID: 0 PID: 11441 Comm: syz.0.46 Not tainted 6.17.0 1 PREEMPTfull Hardware...
EUVD-2006-0085
Malware in sbrugna...
EUVD-2019-9099
Malware in sbrugna...
EUVD-2024-40901
Malicious code in bioql PyPI...
EUVD-2023-44858
Malicious code in bioql PyPI...
EUVD-2025-27143
Malicious code in bioql PyPI...