Lucene search
K

15 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: In the bitPutcs function, the bound-check glyph index was derived from the character value masked by 0xff or 0x1ff. This may lead to reading beyond the end of the built-in font array, exceeding the actual number o...

5.9AI score0.00175EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/02/11 5:48 p.m.11 views

kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling

A flaw was found in the Linux kernel. A local attacker can exploit this vulnerability by providing a specially crafted font glyph index to the bitblit component. This can lead to an out-of-bounds read, potentially resulting in information disclosure or a denial of service...

5.8AI score0.00175EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/02/11 12:25 a.m.12 views

kernel: Linux kernel: Information disclosure and denial of service via out-of-bounds read in font glyph handling

A flaw was found in the Linux kernel. A local attacker can exploit this vulnerability by providing a specially crafted font glyph index to the bitblit component. This can lead to an out-of-bounds read, potentially resulting in information disclosure or a denial of service...

5.8AI score0.00175EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2025/12/09 9:3 a.m.7 views

fbdev: bitblit: bound-check glyph index in bit_putcs*

...

7.1CVSS7AI score0.00175EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/12/09 12:24 a.m.8 views

SUSE CVE-2025-40322

In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...

5.3CVSS6.2AI score0.00175EPSS
Exploits0References26
EUVD
EUVD
added 2025/12/08 3:31 a.m.3 views

EUVD-2025-201623

In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...

5.9AI score0.00175EPSS
Exploits0References9
NVD
NVD
added 2025/12/08 1:16 a.m.9 views

CVE-2025-40322

In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...

0.00175EPSS
Exploits0References8
OSV
OSV
added 2025/12/08 12:46 a.m.6 views

CVE-2025-40322 fbdev: bitblit: bound-check glyph index in bit_putcs*

In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...

6.3AI score0.00175EPSS
Exploits0References11
CVE
CVE
added 2025/12/08 12:46 a.m.385 views

CVE-2025-40322

Summary (CVE-2025-40322) : In the Linux kernel framebuffer (fbdev) bitblit path, bit_putcs* computations derived a glyph pointer from the character value masked by 0xff/0x1ff, which could read past the font array end. The fix clamps the index to the actual glyph count before computing the address...

6.1AI score0.00175EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2025/12/08 12:46 a.m.3 views

CVE-2025-40322

In the Linux kernel, the following vulnerability has been resolved: fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may exceed the actual font's glyph count and read past the end of the...

5.3AI score0.00175EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/08 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-40322

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: bitblit: bound-check glyph index in bitputcs bitputcsaligned/unaligned derived the glyph pointer from the character value masked by 0xff/0x1ff, which may...

6.2AI score0.00175EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/08/24 12:0 a.m.5 views

PT-2022-37212 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-use-after-free error, which occurs when the program attempts to access memory that has already been freed. The crash state...

6.9AI score
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/23 12:0 a.m.121 views

Security update for freetype2 (moderate)

openSUSE Security Update: Security update for freetype2 Announcement ID: openSUSE-SU-2020:0704-1 Rating: moderate References: 1079603 1091109 Cross-References: CVE-2018-6942 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

6.5CVSS7.2AI score0.02124EPSS
Exploits0References2
0day.today
0day.today
added 2016/06/21 12:0 a.m.131 views

Microsoft Windows - Kernel ATMFD.dll NamedEscape 0x250C Pool Corruption (MS16-074)

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=785 The Adobe Type Manager Font Driver ATMFD.DLL responsible for handling PostScript and OpenType fonts in the Windows kernel provides a channel of communication with user-mode...

6.9CVSS6.8AI score0.06976EPSS
Exploits1
Zero Day Initiative
Zero Day Initiative
added 2011/10/26 12:0 a.m.30 views

Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Adobe Reade...

7.5CVSS4.5AI score0.07964EPSS
Exploits1References1
Rows per page
Query Builder