
54286 matches found

CVE
added 2026/04/10 10:35 a.m., 17 views

CVE-2026-31412

The CVE-2026-31412 vulnerability exists in the Linux kernel USB gadget f_mass_storage implementation, where an unchecked left shift of data_size_from_cmnd by blkbits could overflow, truncating data size and enabling memory corruption or out-of-bounds access. The root cause is lack of overflow val...

5.5 CVSS | 5.8 AI score | 0.0017 EPSS
Exploits: 0 | References: 6 | Affected Software: 1
Cvelist
added 2026/04/10 10:35 a.m., 25 views

CVE-2026-31412 usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_mass_storage: Fix potential integer overflow in check_command_size_in_blocks() The check_command_size_in_blocks() function calculates the data size in bytes by left shifting common->data_size_from_cmnd by the block size...

0.0017 EPSS
Exploits: 0 | References: 6
RedhatCVE
added 2026/04/10 6:57 a.m., 4 views

CVE-2026-5912

An integer overflow flaw was found in the WebRTC component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=486498791...

9.6 CVSS | 5.8 AI score | 0.00215 EPSS
Exploits: 0 | References: 5
RedhatCVE
added 2026/04/10 6:57 a.m., 3 views

CVE-2026-5910

An integer overflow flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=485212874...

8.8 CVSS | 5.8 AI score | 0.00195 EPSS
Exploits: 0 | References: 5
RedhatCVE
added 2026/04/10 6:57 a.m., 3 views

CVE-2026-5909

An integer overflow flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=485203821...

9.6 CVSS | 5.8 AI score | 0.00195 EPSS
Exploits: 0 | References: 5
RedhatCVE
added 2026/04/10 6:57 a.m., 2 views

CVE-2026-5908

An integer overflow flaw was found in the Media component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=485115554...

8.8 CVSS | 5.8 AI score | 0.00195 EPSS
Exploits: 0 | References: 5
RedhatCVE
added 2026/04/10 6:51 a.m., 1 views

CVE-2026-5870

An integer overflow flaw was found in the Skia component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=495534710...

9.6 CVSS | 5.8 AI score | 0.00303 EPSS
Exploits: 0 | References: 5
EUVD
added 2026/04/10 6:31 a.m., 2 views

EUVD-2026-21305

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2 CVSS | 5.9 AI score | 0.0042 EPSS
Exploits: 0 | References: 2
NVD
added 2026/04/10 6:16 a.m., 7 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2 CVSS | 0.0042 EPSS
Exploits: 0 | References: 1
OSV
added 2026/04/10 6:16 a.m., 5 views

DEBIAN-CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

7.5 CVSS | 5.4 AI score | 0.0042 EPSS
Exploits: 0 | References: 1
Snyk
added 2026/04/10 6:10 a.m., 2 views

Integer Overflow or Wraparound

Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an integer overflow in the wc_CmacUpdate function. An attacker can generate forged CMAC tags by exploiting the wraparound of the totalSz variable after processing 4 GiB of data, which causes the...

8.2 CVSS | 5.9 AI score | 0.0042 EPSS
Exploits: 0 | References: 2
Vulnrichment
added 2026/04/10 5:6 a.m., 1 views

CVE-2026-5477 Prefix-substitution forgery via integer overflow in wolfCrypt CMAC

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2 CVSS | 5.9 AI score | 0.0042 EPSS
Exploits: 0 | References: 1
ATTACKERKB
added 2026/04/10 5:6 a.m., 3 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2 CVSS | 5.9 AI score | 0.0042 EPSS
Exploits: 0 | References: 2
Debian CVE
added 2026/04/10 5:6 a.m., 3 views

CVE-2026-5477

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2 CVSS | 5.3 AI score | 0.0042 EPSS
Exploits: 0
Cvelist
added 2026/04/10 5:6 a.m., 32 views

CVE-2026-5477 Prefix-substitution forgery via integer overflow in wolfCrypt CMAC

An integer overflow existed in the wolfCrypt CMAC implementation that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard if cmac->totalSz != 0 to skip XOR-chaining on the first block where digest is all-zeros and the XOR is a no-op. However, totalSz is word32 and wrap...

8.2 CVSS | 0.0042 EPSS
Exploits: 0 | References: 1
CVE
added 2026/04/10 5:6 a.m., 31 views

CVE-2026-5477

The CVE-2026-5477 issue concerns wolfCrypt CMAC: an integer overflow in wc_CmacUpdate caused by a guard that skips XOR-chaining on the first block when cmac->totalSz != 0. totalSz is a 32-bit value and wraps to zero after 2^28 blocks (4 GiB), which can discard the live CBC-MAC chain state. Thi...

8.2 CVSS | 5.9 AI score | 0.0042 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
CNNVD
added 2026/04/10 12:0 a.m., 4 views

wolfSSL (CyaSSL) security vulnerability

wolfSSL CyaSSL is a small, portable embedded SSL programming library developed by the American company wolfSSL, designed for developers working with embedded systems. wolfSSL CyaSSL has security vulnerabilities; these vulnerabilities stem from integer overflows in the wolfCrypt CMAC implementatio...

8.2 CVSS | 5.8 AI score | 0.0042 EPSS
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/10 12:0 a.m., 4 views

PT-2026-31909

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified). Description: The Linux kernel contains a flaw in the f_mass_storage gadget driver. The check_command_size_in_blocks function does not validate for integer overflows when calculating data size in byte...

5.5 CVSS | 5.8 AI score | 0.0017 EPSS
Exploits: 0 | References: 20
CNVD
added 2026/04/10 12:0 a.m., 3 views

Google Chrome ANGLE Component Integer Overflow Vulnerability

Google Chrome is a web browser from Google, an American company. An integer overflow vulnerability exists in versions of Google Chrome prior to 146.0.7680.178. The vulnerability stems from a failure of the ANGLE component to properly validate the length size of input data, which can be exploited ...

7.5 CVSS | 5.8 AI score | 0.00255 EPSS
Exploits: 0
CNNVD
added 2026/04/10 12:0 a.m., 6 views

Linux kernel security vulnerability

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by an integer overflow issue in the check_command_size_in_blocks function, which may lead to memory corruption ...

5.5 CVSS | 5.9 AI score | 0.0017 EPSS
Exploits: 0 | References: 6