EUVD-2023-12631

Malicious code in bioql PyPI...

EUVD-2022-54848

Malicious code in bioql PyPI...

PT-2025-27969

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.1.128 Description: A bug in the jffs2 file system has been detected, caused by a fault injection in jffs2 prealloc raw node refs. The function jffs2 sum write sumnode does not check the return value of jffs2...

USN-7553-5 linux-azure vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Clock framework and drivers; - GPU drivers; - Parport drivers; - Ext4 file system; - JFFS2 file system; - JFS file...

USN-7554-3 linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Block layer subsystem; - Clock framework and drivers; - GPU drivers; - Parport drivers; - Ext4 file system; - JFFS2...

CVE-2022-49277

CVE-2022-49277 relates to a memory leak in the JFFS2 code path of the Linux kernel during jffs2_do_mount_fs. The issue arises when jffs2_build_filesystem() returns an error, leading to unfreed resources reported by kmemleak (kmem_cache_alloc_trace and __kmalloc paths). The advisory states the lea...

CVE-2022-49277

In the Linux kernel, the following vulnerability has been resolved: jffs2: fix memory leak in jffs2domountfs If jffs2buildfilesystem in jffs2domountfs returns an error, we can observe the following kmemleak report: -------------------------------------------- unreferenced object 0xffff88811b25a64...

USN-6955-1 linux-oem-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...

CVE-2023-0592

A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...

CVE-2023-0592 Path traversal in jefferson

A path traversal vulnerability affects jefferson's JFFS2 filesystem extractor. By crafting malicious JFFS2 files, attackers could force jefferson to write outside of the extraction directory.This issue affects jefferson: before 0.4.1...

Yi Technology Home Camera 27US Firmware 7z CRC Collision Vulnerability

Summary An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this...

Ubuntu: Security Advisory (USN-574-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 6.10 / 7.04 / 7.10 : linux-source-2.6.17/20/22 vulnerabilities (USN-574-1)

The minix filesystem did not properly validate certain filesystem values. If a local attacker could trick the system into attempting to mount a corrupted minix filesystem, the kernel could be made to hang for long periods of time, resulting in a denial of service. This was only vulnerable in Ubun...