Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

EUVD-2018-3574

Malware in sbrugna...

EUVD-2022-0283

Malicious code in bioql PyPI...

EUVD-2025-30848

Malicious code in bioql PyPI...

DEBIAN-CVE-2025-39888

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

CVE-2025-39888

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

CVE-2025-39888 fuse: Block access to folio overlimit

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

CVE-2025-39888 fuse: Block access to folio overlimit

In the Linux kernel, the following vulnerability has been resolved: fuse: Block access to folio overlimit syz reported a slab-out-of-bounds Write in fusedevdowrite. When the number of bytes to be retrieved is truncated to the upper limit by fc-maxpages and there is an offset, the oob is triggered...

CVE-2025-39888

CVE-2025-39888 concerns a Linux kernel issue in fuse: Block access to folio overlimit. A slab-out-of-bounds write occurred in fuse_dev_do_write when the OOB condition could trigger if bytes to retrieve are truncated to fc->max_pages and an offset is present. The root cause was not fully detail...

PT-2025-39145

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to fuse. Specifically, a slab-out-of-bounds write condition was identified in the fuse dev do write function. This issue occurs when the number o...

Linux Distros Unpatched Vulnerability : CVE-2024-36288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gssfreeintokenpages The intoken-pages array is not...

CVE-2025-47868 Apache NuttX RTOS: tools/bdf-converter.: tools/bdf-converter: Fix loop termination condition.

Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apache NuttX RTOS repository. This standalone program is optional and neither part of NuttX RTOS nor Applications runtime, but active...

CVE-2018-11547

mdislinkreferencedefinitionhelper in md4c 0.2.5 has a heap-based buffer over-read because mdislinklabel mishandles loop termination...

AZL-49887 CVE-2024-46863 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-lnl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...

SUNRPC: Fix loop termination condition in gss_free_in_token_pages()

...

SUSE CVE-2024-36288

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gssfreeintokenpages The intoken-pages array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range 0x04a2013400000008-0x04a20134000000...

AZL-42850 CVE-2024-36288 affecting package kernel for versions less than 5.15.162.2-1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gssfreeintokenpages The intoken-pages array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range 0x04a2013400000008-0x04a20134000000...

CVE-2024-36288 SUNRPC: Fix loop termination condition in gss_free_in_token_pages()

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gssfreeintokenpages The intoken-pages array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range 0x04a2013400000008-0x04a20134000000...

DEBIAN-CVE-2023-1108

A flaw was found in undertow. This issue makes achieving a denial of service possible due to an unexpected handshake status updated in SslConduit, where the loop never terminates...

PYSEC-2022-222

The Security Team noticed that the termination condition of the for loop in the readExternal method is a controllable variable, which, if tampered with, may lead to CPU exhaustion. As a fix, we added an upper bound and termination condition in the read and write logic. We classify it as a...