Lucene search
K

92 matches found

Microsoft CVE
Microsoft CVE
added 2026/06/27 8:11 a.m.6 views

RDMA/umem: Fix truncation for block sizes >= 4G

...

7.8CVSS5.8AI score0.00129EPSS
Exploits0
EUVD
EUVD
added 2026/06/25 10:21 p.m.10 views

EUVD-2026-31400

golang.org/x/crypto/ssh vulnerable to infinite loop on large channel writes...

9.1CVSS5.8AI score0.00466EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/25 6:18 p.m.7 views

CVE-2026-53015

A flaw was found in the Linux kernel's erofs filesystem. On 32-bit platforms, the lcn variable, used for logical cluster numbers, was defined as a 32-bit integer. This could lead to truncation when calculating offsets larger than 4 Gigabytes GiB, potentially causing incorrect data handling within...

5.5CVSS5.8AI score0.00168EPSS
Exploits0References4
NVD
NVD
added 2026/06/25 6:16 p.m.7 views

CVE-2026-55967

AES-GCM encryption/decryption with extremely large cumulative single message sizes 64 GiB were not properly rejected by the streaming APIs, allowing counter wrap, keystream reuse, and consequent plaintext recovery...

7.5CVSS0.00114EPSS
Exploits0References2
OSV
OSV
added 2026/06/25 9:16 a.m.2 views

UBUNTU-CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2026/06/25 8:38 a.m.4 views

CVE-2026-53133

In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...

7.8CVSS5.7AI score0.00129EPSS
Exploits0
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fixed the potential overflow of the shmem scatterlist length When a scatterlists table of a GEM shmem object with a size of 4 GB or more is populated with pages allocated from the folio format, the .length attribute of...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: RISCV: Fixed TASKSIZE on 64-bit NOMMU. On NOMMU, user space memory can originate from anywhere within physical RAM. The current definition of TASKSIZE is incorrect if any RAM exceeds 4GB, causing spurious failures in user space...

5.5CVSS5.6AI score0.00212EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 p.m.11 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

8.2CVSS5.5AI score0.00123EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 7:16 p.m.10 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

8.2CVSS0.00123EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Malwarebytes EDR 输入验证错误漏洞

Malwarebytes EDR is a terminal detection and response platform provided by the American company Malwarebytes. Version 1.0.11 of Malwarebytes EDR contains a vulnerability related to input validation. This vulnerability arises from truncating data exceeding 4GB during computing hash calculations,...

8.2CVSS5.4AI score0.00123EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.9 views

PT-2026-48154

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

5.5AI score0.00123EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 12:0 a.m.33 views

CVE-2023-29146

The utility functions used by Malwarebytes EDR 1.0.11 on Linux for calculating a cryptographic hash of data bytes truncate the hashed data if it exceeds 4GB. This leads to an integer wrap-around if the data is larger than the maximum unsigned integer value 32-bit. Attackers could create a collidi...

0.00123EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.15 views

CVE-2023-29146

CVE-2023-29146 affects Malwarebytes EDR 1.0.11 on Linux. The vulnerability lies in the utility functions that compute a cryptographic hash of data bytes: hashing truncates data if it exceeds 4 GB, causing an unsigned 32-bit wrap-around. This can enable attackers to craft a colliding hash value fo...

8.2CVSS5.5AI score0.00123EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.8 views

CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

9.1CVSS5.5AI score0.00466EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wcCmacUpdate used the guard if cmac-totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2CVSS5.5AI score0.0042EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/05/23 1:29 a.m.18 views

SUSE CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

7.5CVSS5.9AI score0.00466EPSS
Exploits0References24
Vulnrichment
Vulnrichment
added 2026/05/22 2:31 a.m.7 views

CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

5.9AI score0.00466EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/22 2:31 a.m.9 views

CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

5.9AI score0.00466EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.9 views

Google Go 安全漏洞

Google Go is a static, strongly typed, compiled, concurrent programming language with garbage collection features from the American company Google. There is a security vulnerability in Google Go, which stems from an integer overflow in the calculation of the internal payload size when writing dat...

9.1CVSS5.9AI score0.00466EPSS
Exploits0References5
Rows per page
Query Builder