CVE-2025-39756 fs: Prevent file descriptor table allocations exceeding INT_MAX

In the Linux kernel, the following vulnerability has been resolved: fs: Prevent file descriptor table allocations exceeding INTMAX When sysctlnropen is set to a very high value for example, 1073741816 as set by systemd, processes attempting to use file descriptors near the limit can trigger massi...

netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX

...

Linux Distros Unpatched Vulnerability : CVE-2023-52429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a...

UBUNTU-CVE-2025-37766

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value. If speed is greater than UINTMAX/8, division by zero is possible. Found by Linux Verification Center linuxtesting.org with SVACE...

SUSE CVE-2025-22058

In the Linux kernel, the following vulnerability has been resolved: udp: Fix memory accounting leak. Matt Dowling reported a weird UDP memory usage issue. Under normal operation, the UDP memory usage reported in /proc/net/sockstat remains close to zero. However, it occasionally spiked to 524,288...

UBUNTU-CVE-2025-0755

The various bsonappend functions in the MongoDB C driver library may be susceptible to buffer overflow when performing operations that could result in a final BSON document which exceeds the maximum allowable size INT32MAX, resulting in a segmentation fault and possible application crash. This...

DEBIAN-CVE-2025-21648

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: clamp maximum hashtable size to INTMAX Use INTMAX as maximum size for the conntrack hashtable. Otherwise, it is possible to hit WARNONONCE in kvmallocnodenoprof when resizing hashtable because GFPNOWARN is...

kernel: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX

A flaw was addressed in the Linux kernel’s traffic scheduling TAPRIO subsystem. The code that handles the TCATAPRIOATTRSCHEDCYCLETIME attribute did not enforce an upper bound on this value, which could allow excessively large cycle time inputs to be processed. Under certain conditions, this can...

UBUNTU-CVE-2023-52868

In the Linux kernel, the following vulnerability has been resolved: thermal: core: prevent potential string overflow The dev-id value comes from idaalloc so it's a number between zero and INTMAX. If it's too high then these sprintfs will overflow...

kernel: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX

A flaw was addressed in the Linux kernel’s traffic scheduling TAPRIO subsystem. The code that handles the TCATAPRIOATTRSCHEDCYCLETIME attribute did not enforce an upper bound on this value, which could allow excessively large cycle time inputs to be processed. Under certain conditions, this can...

UBUNTU-CVE-2023-52429

dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a missing check for struct dmioctl.targetcount...

PT-2025-54080

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc1-00330-g60cc1f7d0605 Description The Linux kernel contained a flaw in the net/sched/sch taprio module where the TCA TAPRIO ATTR SCHED CYCLE TIME attribute was not properly limited to INT MAX. This result...

UBUNTU-CVE-2021-23840

Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 indicating succes...

ALPINE-CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow...

DEBIAN-CVE-2018-17963

qemudeliverpacketiov in net/net.c in Qemu accepts packet sizes greater than INTMAX, which allows attackers to cause a denial of service or possibly have unspecified other impact...

UBUNTU-CVE-2018-17963

qemudeliverpacketiov in net/net.c in Qemu accepts packet sizes greater than INTMAX, which allows attackers to cause a denial of service or possibly have unspecified other impact...