208 matches found
Rizin 安全漏洞
Rizin is a free open-source reverse-engineering framework developed by the Rizin organization. It is used for analyzing binary files, disassembling code, debugging programs, as a forensics tool, and as a command-line hexadecimal editor capable of opening disk files. Rizin has a security...
CVE-2026-31053
A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
PT-2026-30615
A double free vulnerability exists in librz/bin/format/le/le.c in the function le load fixup record. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
CVE-2026-31053
The CVE-2026-31053 vulnerability affects librz, specifically the le_load_fixup_record() function in librz/bin/format/le/le.c. It is a double-free issue that can cause heap corruption when processing malformed or circular LE fixup chains, potentially leading to denial-of-service via a crash. The i...
CVE-2026-31053
A double free vulnerability exists in librz/bin/format/le/le.c in the function leloadfixuprecord. When processing malformed or circular LE fixup chains, relocation entries may be freed multiple times during error handling. A specially crafted LE binary can trigger heap corruption and cause the...
SUSE CVE-2025-71270
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
EUVD-2025-208844
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
CVE-2025-71270
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
UBUNTU-CVE-2025-71270
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
CVE-2025-71270 LoongArch: Enable exception fixup for specific ADE subcode
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
CVE-2025-71270 LoongArch: Enable exception fixup for specific ADE subcode
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Enable exception fixup for specific ADE subcode This patch allows the LoongArch BPF JIT to handle recoverable memory access errors generated by BPFPROBEMEM instructions. When a BPF program performs memory access...
CVE-2025-71270
CVE-2025-71270 concerns LoongArch Linux kernel: the fix enables exception handling for BPF memory accesses in JIT-compiled code. Specifically, do_ade() now handles EX_TYPE_BPF memory access exceptions during BPF_PROBE_MEM* operations by invoking the common fixup routine, stabilizing recoverable m...
CVE-2026-23194 rust_binder: correctly handle FDA objects of length zero
In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...
CVE-2026-23194 rust_binder: correctly handle FDA objects of length zero
In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...
CVE-2026-23194
CVE-2026-23194 relates to the Linux kernel rust_binder handling of FDA objects of length zero. The issue was a out-of-bounds write when an empty fd-array (FDA) with 0 fds was processed, caused by treating skip == 0 as a special “pointer fixup.” The fix replaces this zero-special-case pattern (ori...
CVE-2026-23194
In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005154)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005154 advisory. In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at...
Azure Linux 3.0 Security Update: kernel (CVE-2025-22033)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22033 advisory. - In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001235)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001235 advisory. The cpreportfixup function in drivers/hid/hid-cypress.c in the Linux kernel 3.2 and 4.x before 4.9.4 allows physically proximate attackers to cause a denial of servi...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001914)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001914 advisory. The reportfixup functions in the HID subsystem in the Linux kernel before 3.16.2 might allow physically proximate attackers to cause a denial of service out-of-bound...