6505 matches found
CVE-2024-57917 topology: Keep the cpumask unchanged when printing cpumap
In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap. During fuzz testing, the following warning was discovered: different return values 15 and 11 from vsnprintf("%*pbl ", ...) test:keyward is WARNING in kvasprintf WARNING: CPU:...
CVE-2024-57917
CVE-2024-57917: In the Linux kernel, the cpumask may be modified during printing of cpumap, causing mismatched lengths in kvasprintf-based formatting. The fix caches the cpumask to a temporary variable before cpumap_print_{list, cpumask}_to_buf() to keep it unchanged during printing. Impact is p...
OSV-2025-45 Security exception in POIHDGFFuzzer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390461322 Crash type: Security exception Crash state: POIHDGFFuzzer...
OSV-2025-42 Heap-use-after-free in r_list_free
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390467754 Crash type: Heap-use-after-free READ 8 Crash state: r_list_free r_bin_bflt_free r_bin_file_free...
OSV-2025-33 UNKNOWN READ in pcpp::RawPacket::insertData
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390004170 Crash type: UNKNOWN READ Crash state: pcpp::RawPacket::insertData pcpp::Packet::extendLayer pcpp::BgpUpdateMessageLayer::setNetworkLayerReachabilityInfo...
OSV-2025-31 Heap-buffer-overflow in Assimp::FBXExporter::WriteObjects
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=389339262 Crash type: Heap-buffer-overflow READ 4 Crash state: Assimp::FBXExporter::WriteObjects Assimp::FBXExporter::ExportBinary Assimp::ExportSceneFBX...
OSV-2025-23 Out-of-memory in IndexSearchFuzzer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=388312953 Crash type: Out-of-memory Crash state: IndexSearchFuzzer...
OSV-2025-16 UNKNOWN READ in png_free_data
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386860184 Crash type: UNKNOWN READ Crash state: png_free_data png_destroy_info_struct png_destroy_read_struct...
OSV-2025-6 Heap-buffer-overflow in next_marker
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=387317434 Crash type: Heap-buffer-overflow READ 1 Crash state: next_marker read_markers consume_markers...
OSV-2025-4 Heap-buffer-overflow in ___interceptor_pthread_create
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386713390 Crash type: Heap-buffer-overflow READ 8 Crash state: ___interceptor_pthread_create...
OSV-2025-3 Heap-buffer-overflow in avifImageAddUUIDProperty
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386713389 Crash type: Heap-buffer-overflow READ 16 Crash state: avifImageAddUUIDProperty avif::testutil::PropsValid...
OSV-2025-1 Segv on unknown address in [email protected]
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386572864 Crash type: Segv on unknown address Crash state: [email protected]...
OSV-2024-1417 Heap-buffer-overflow in cv::PngDecoder::read_from_io
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=386688710 Crash type: Heap-buffer-overflow READ 4 Crash state: cv::PngDecoder::read_from_io cv::PngDecoder::read_chunk cv::PngDecoder::readHeader...
PT-2026-29081
Name of the Vulnerable Software and Affected Versions: OpenSC versions prior to 0.27.0. Description: OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, providing a crafted input to the fuzz_pkcs15_reader harness results in an out-of-bounds heap read within the...
OSV-2024-1406 UNKNOWN READ in _TIFFVSetField
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=385406655 Crash type: UNKNOWN READ Crash state: _TIFFVSetField TIFFSetField TIFFFetchNormalTag...
OSV-2024-1397 Security exception in org.springframework.expression.spel.ast.OpPlus.getValueInternal
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=385326423 Crash type: Security exception Crash state: org.springframework.expression.spel.ast.OpPlus.getValueInternal java.base/java.util.HashMap.get org.springframework.core.convert.TypeDescriptor.valueOf...
OSV-2024-1391 Heap-buffer-overflow in gsicc_create_getv2buffer
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384972943 Crash type: Heap-buffer-overflow READ 12 Crash state: gsicccreategetv2buffer pdficcbasedcolorspace pdfcolorspacenamed...
kernel: xfrm: fix one more kernel-infoleak in algo dumping
A vulnerability was found in the xfrm module in the Linux Kernel. This issue was discovered during fuzz testing, where uninitialized memory containing potentially sensitive data was inadvertently copied to user-space. This issue occurs when dumping IPsec algorithm data structures, exposing random...
OSV-2024-1388 Security exception in com.google.gson.internal.bind.TypeAdapters$28.write
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384541935 Crash type: Security exception Crash state: com.google.gson.internal.bind.TypeAdapters$28.write com.google.gson.JsonElement.isJsonPrimitive com.google.gson.JsonElement.getAsJsonPrimitive...
OSV-2024-1382 Security exception in jflex.core.NFA.insertNFA
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=383999281 Crash type: Security exception Crash state: jflex.core.NFA.insertNFA java.base/java.util.zip.ZipFile$Source.getEntryPos java.base/java.util.zip.ZipFile.getEntry...