AZL-68171 CVE-2025-39940 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow There's a possible integer overflow in stripeiohints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits-iomin and limits-ioopt;...

UBUNTU-CVE-2025-39940

In the Linux kernel, the following vulnerability has been resolved: dm-stripe: fix a possible integer overflow There's a possible integer overflow in stripeiohints if we have too large chunk size. Test if the overflow happened, and if it did, don't set limits-iomin and limits-ioopt;...

PT-2025-40636

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow issue exists in the stripe io hints function when handling excessively large chunk sizes. This could lead to incorrect setting of io min and io opt limits...

CVE-2023-43642

snappy-java is a Java port of the snappy, a fast C++ compresser/decompresser developed by Google. The SnappyInputStream was found to be vulnerable to Denial of Service DoS attacks when decompressing data with a too large chunk size. Due to missing upper bound check on chunk length, an unrecoverab...

SUSE CVE-2012-2677

Integer overflow in the orderedmalloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected...

SUSE CVE-2013-2028

The ngxhttpparsechunked function in http/ngxhttpparse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service crash and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based...

undertow: invalid HTTP request with large chunk size

A flaw was found in Undertow, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling...

DEBIAN-CVE-2015-3183

The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension...

CVE-2012-6303

Heap-based buffer overflow in the GetWavHeader function in generic/jkSoundFile.c in the Snack Sound Toolkit, as used in WaveSurfer 1.8.8p4, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large chunk size in a WAV file...

Stack overflow

Stack-based buffer overflow in Microsoft Windows Media Player 9 and 10 allows remote attackers to execute arbitrary code via a PNG image with a large chunk size...