22 matches found
CVE-2026-44697
Klever-Go is the Go implementation of the Klever blockchain protocol. Prior to 1.7.17, a remote, unauthenticated denial-of-service vulnerability in Batch.Decompress data/batch/batch.go allows any peer that participates in a topic served by MultiDataInterceptor to allocate multi-gigabyte heaps on...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fixed an issue where the CMA heap fault handler made a mistake in calculating the boundary. Until the VMDONTEXPAND flag was added in commit 1c1914d6e8c6 “dma-buf: heaps: Don’t track CMA dma-buf pages under RssFile...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential Spectre v1 gadget It appears that nr might be a Spectre v1 gadget, as it is provided by a user and used as an array index. This vulnerability allows for the contents of kernel memory to be leaked int...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988990)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988990 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986985)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986985 advisory. In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget a...
dma-buf: heaps: Fix off-by-one in CMA heap fault handler
...
DEBIAN-CVE-2024-46852
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
CVE-2024-46852
CVE-2024-46852 — Linux kernel CMA heap off-by-one fix : The issue occurred when a mapping larger than the buffer size could be created via mremap, allowing an overflow bypass in dma_buf_mmap_internal. The CMA heap fault handler incorrectly bound the fault offset by 1 when validating the end of th...
CVE-2024-46852 dma-buf: heaps: Fix off-by-one in CMA heap fault handler
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...
SUSE CVE-2022-48730
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
UBUNTU-CVE-2022-48730
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
CVE-2022-48730 dma-buf: heaps: Fix potential spectre v1 gadget
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
CVE-2022-48730 dma-buf: heaps: Fix potential spectre v1 gadget
In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by a user and used as an array index. Prevent the contents of kernel memory from being leaked to userspace via...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a potential spectre v1 vulnerability in the dma-buf:heaps module...
GSD-2022-1000661 dma-buf: heaps: Fix potential spectre v1 gadget
dma-buf: heaps: Fix potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.16.8 by commit...
GSD-2022-1000578 dma-buf: heaps: Fix potential spectre v1 gadget
dma-buf: heaps: Fix potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.22 by commit...
GSD-2022-1000222 dma-buf: heaps: Fix potential spectre v1 gadget
dma-buf: heaps: Fix potential spectre v1 gadget This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.99 by commit...
CVE-2019-13626
SDL Simple DirectMedia Layer 2.x through 2.0.9 has a heap-based buffer over-read in FillIMAADPCMblock, caused by an integer overflow in IMAADPCMdecode in audio/SDLwave.c...
Google Chrome (Fedora 25 Ubuntu 16.04) - tracker-extract gnome-video-thumbnailer + totem Drive-By Download
Google Chrome Fedora 25 Ubuntu 16.04 - tracker-extract gnome-video-thumbnailer + totem Drive-By Download Source: https://scarybeastsecurity.blogspot.com/2016/12/redux-compromising-linux-using-snes.html Overview Full reliable 0day drive-by exploit against Fedora 25 + Google Chrome, by breaking out...