Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

CVE-2026-5025

The '/logs' and '/logs-stream' endpoints in the log router allow any authenticated user to read the full application log buffer. These endpoints only require basic authentication 'getcurrentactiveuser' without any privilege checks e.g., 'issuperuser'...

CVE-2017-18662

An issue was discovered on Samsung mobile devices with M6.0 and N7.x software. Data outside of the rkp log buffer boundary is read, causing an information leak. The Samsung ID is SVE-2017-9109 July 2017...

Siemens SIMATIC Devices Integer Overflow or Wraparound (CVE-2024-58017)

printk: Fix signed integer overflow when defining LOGBUFLENMAX This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503397; scriptversion"1.2";...

EUVD-2021-26795

Malware in sbrugna...

CVE-2021-3473

An internal product security audit of Lenovo XClarity Controller XCC discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator LXCA is used to perform the backup/restore. The backup/restore password typically exists...

CLSA-2025-1742926277 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation openssh bz3012 Orabug: 30448895...

CLSA-2025-1742731930 openssh: Fix of CVE-2025-26465

CVE-2025-26465: fix vulnerability in OpenSSH when the VerifyHostKeyDNS option is enabled - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without truncation openssh bz3012 Orabug: 30448895...

printk: Fix signed integer overflow when defining LOG_BUF_LEN_MAX

...

SUSE CVE-2024-58017

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

AZL-57808 CVE-2024-58017 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

DEBIAN-CVE-2024-58017

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

AZL-57857 CVE-2024-58005 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: tpm: Change to kvalloc in eventlog/acpi.c The following failure was reported on HPE ProLiant D320: 10.693310 T1 tpmtis STM0925:00: 2.0 TPM device-id 0x3, rev-id 0 10.848132 T1 ------------ cut here ------------ 10.853559 T1...

UBUNTU-CVE-2024-58017

In the Linux kernel, the following vulnerability has been resolved: printk: Fix signed integer overflow when defining LOGBUFLENMAX Shifting 1 31 on a 32-bit int causes signed integer overflow, which leads to undefined behavior. To prevent this, cast 1 to u32 before performing the shift, ensuring...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a signed integer overflow when defining LOGBUFLENMAX...

PT-2023-31457 · WordPress · Active Directory Integration / Ldap Integration

Name of the Vulnerable Software and Affected Versions: Active Directory Integration / LDAP Integration WordPress plugin versions prior to 4.1.10 Description: The issue concerns the storage of sensitive LDAP logs in a buffer file when an administrator exports them. Unfortunately, this log file is...

GSD-2022-1007195 nvme-hwmon: kmalloc the NVME SMART log buffer

nvme-hwmon: kmalloc the NVME SMART log buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.152 by commit...

PT-2022-35234 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.76 Description: The issue concerns the nvme-hwmon module in the Linux Kernel, specifically with the allocation of the NVME SMART log buffer using kmalloc. The actual impact and potential for attack have no...

PT-2022-34936 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.6 Description: The issue concerns the nvme-hwmon component, specifically the allocation of the NVME SMART log buffer using kmalloc. The actual impact and potential for attack have not been proven yet...

CVE-2021-3473

An internal product security audit of Lenovo XClarity Controller XCC discovered that the XCC configuration backup/restore password may be written to an internal XCC log buffer if Lenovo XClarity Administrator LXCA is used to perform the backup/restore. The backup/restore password typically exists...