Lucene search
+L

471 matches found

OSV
OSV
added 2026/05/27 2:16 p.m.9 views

UBUNTU-CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

7.1CVSS5.7AI score0.0015EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/27 12:14 p.m.42 views

CVE-2025-71306 ima: Fix stack-out-of-bounds in is_bprm_creds_for_exec()

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

0.0015EPSS
Exploits0References2
CVE
CVE
added 2026/05/27 12:14 p.m.28 views

CVE-2025-71306

CVE-2025-71306 is a Linux kernel vulnerability affecting the Integrity Measurement Architecture (IMA). The issue is a stack-out-of-bounds access in the function ima_appraise_measurement when processing bprm_creds for exec, traced to an incorrect offset calculation caused by using container_of on ...

7.1CVSS5.8AI score0.0015EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCve
added 2026/05/27 12:0 a.m.12 views

CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

7.1CVSS6AI score0.0015EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.10 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the use of the isbprmcredsforexec function in the ima module. This function uses the containerof...

5.9AI score0.0015EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/05/26 5:5 a.m.13 views

freerdp: FreeRDP has an out-of-bounds read in ADPCM decoders due to missing predictor/step_index bounds checks

An out of bounds read flaw has been discovered in FreeRDP. This out-of-bounds read exists in the MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and stepindex values from input data. An attacker may be able to leverage this weakness to leak global data...

9.4CVSS5.7AI score0.00263EPSS
Exploits1References6
RedHat Linux
RedHat Linux
added 2026/05/26 2:2 a.m.12 views

freerdp: FreeRDP: Denial of Service via crafted audio data in RDP

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol RDP. A remote attacker can exploit a sizet underflow vulnerability in the IMA-ADPCM and MS-ADPCM audio decoders by sending specially crafted audio data over the RDPSND audio channel. This underflow leads to a...

9.8CVSS5.8AI score0.00317EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2026/05/26 12:0 a.m.19 views

openSUSE 16 Security Update : libsndfile (openSUSE-SU-2026:20787-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20787-1 advisory. This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when...

8.2CVSS6AI score0.00585EPSS
Exploits3References9
Tenable Nessus
Tenable Nessus
added 2026/05/25 12:0 a.m.18 views

Alibaba Cloud Linux 3 : 0136: libsndfile (ALINUX3-SA-2026:0136)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0136 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-37555: A flaw was found in the libsndfile...

8.2CVSS6AI score0.00504EPSS
Exploits1References2
OSV
OSV
added 2026/05/22 8:43 a.m.7 views

OPENSUSE-SU-2026:20787-1 Security update for libsndfile

This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. - CVE-2025-56226: memory leak in the mpegl3encoderinit function of mpegl3encode.c bsc1256702. -...

8.2CVSS6AI score0.00585EPSS
Exploits3References6
OSV
OSV
added 2026/05/22 8:43 a.m.5 views

SUSE-SU-2026:21826-1 Security update for libsndfile

This update for libsndfile fixes the following issues - CVE-2025-52194: buffer overflow in the ircamreadheader function of file src/ircam.c when processing malformed IRCAM audio files bsc1248458. - CVE-2025-56226: memory leak in the mpegl3encoderinit function of mpegl3encode.c bsc1256702. -...

8.2CVSS6AI score0.00585EPSS
Exploits3References7
Rockylinux
Rockylinux
added 2026/05/21 6:0 a.m.19 views

libsndfile security update

An update is available for libsndfile. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libsndfile is a C library for reading and writing files containing sampled...

8.2CVSS5.9AI score0.00504EPSS
Exploits1
OSV
OSV
added 2026/05/21 6:0 a.m.10 views

RLSA-2026:19559 Important: libsndfile security update

libsndfile is a C library for reading and writing files containing sampled sound, such as AIFF, AU, or WAV. Security Fixes: libsndfile: integer overflow in imareaderinit CVE-2026-37555 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other relat...

8.2CVSS5.9AI score0.00504EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ima: A memory leak was fixed in imainodehash. The commit f3cc6b25dcc5 “ima: always measure and audit files in policy” allows measurement or auditing to occur even when the file digest cannot be calculated. As a result, iint-imaha...

5.9AI score0.00193EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in libsdl2

In SDL Simple DirectMediaLayer versions 2.x through 2.0.9, there is a heap-based buffer over-read issue in the FillIMAADPCMblock function, caused by an integer overflow in the IMAADPCMDecode function in the audio/SDLwave.c file...

6.5CVSS6.6AI score0.01805EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ima: fixed a reference leak in asymmetricverify Do not leak a reference to the key if its algorithm is unknown...

5.5CVSS5.9AI score0.00268EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential memory leak in imainitcrypto. If the SHA1 template is unable to be allocated, IMA fails to initialize and exits without freeing the imaalgoarray. Adding the necessary kfree call for imaalgoarray will preven...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, if the IMA appraisal method is used with the “imaappraise=log” boot parameter, lockdown can be circumvented using kexec on any machine when Secure Boot is disabled or unavailable. IMA prevents the “imaappraise=log” parameter from being set during boot, but this does not cover...

6.7CVSS6.5AI score0.002EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: added a sanity check on the previous kernel’s ima kexec buffer. When the second-stage kernel is booted via kexec with a limiting command line such as “mem=”, the physical range that contains the carried over IMA...

5.5CVSS6AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: ima: Fixed a potential integer overflow in imaappraisemeasurement. When the ima-modsig option is enabled, the value passed to evmverifyxattr may be negative, which could lead to an integer overflow issue...

5.5CVSS6.1AI score0.00252EPSS
Exploits0References1
Rows per page
Query Builder