Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm: Do not allow userspace to trigger kernel warnings in drmgemchangehandleioctl Since GEM bo handles are u32 in the uapi, and the internal implementation uses idralloc, which uses int ranges. Passing a new handle that is larger...

CVE-2025-11624

Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed...

EUVD-2025-35172

Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed...

CVE-2025-11624

Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed...

CVE-2025-11624

Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed...

CVE-2025-11624 Buffer overwrite when processing file handles with the SFTP server

Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed...

PT-2025-42885

Name of the Vulnerable Software and Affected Versions versions prior to 2.3 Description A stack buffer overwrite can occur on the SFTP server side when receiving a malicious packet. The issue arises when the packet's handle size exceeds the system handle or file descriptor size, but remains withi...

kernel: bluetooth/hci: disallow setting handle bigger than HCI_CONN_HANDLE_MAX

A warning was observed in the Linux kernel in hciconndel caused by freeing handle that was not allocated using ida allocator. This is caused by handle bigger than HCICONNHANDLEMAX passed by hcilebigsyncestablishedevt, which makes code think it's unset connection...

DEBIAN-CVE-2021-47168

In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayoutdecodelayout The "sizeofstruct nfsfh" is two bytes too large and could lead to memory corruption. It should be NFSMAXFHSIZE because that's the size of the -data buffer. I reversed the size...

PT-2023-33337 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.158 Description: The issue concerns a handle size overflow for ringbuf mmap. It was introduced in version v5.8 and fixed in Linux Kernel version v5.10.158. The actual impact and attack plausibility have no...

Ubuntu 14.10 : linux vulnerabilities (USN-2666-1)

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...