PT-2025-54068

In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARN ONs, particularly from pin user pages weirdly returning 0 due to invalid arguments. Prevent creating a...

Moderate: xorg-x11-server-Xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: xorg: xmayland: Use-after-free in XPresentNotify structure creation CVE-2025-62229 xorg: xwayland: Use-after-free in Xkb client resource removal CVE-2025-62230 xorg: xmayland: Value overflow in XkbSetCompatMap...

Tenda G3 formDelPortMapping function stack buffer overflow vulnerability

Tenda G3 is a Qos Vpn router from Tenda China. A stack buffer overflow vulnerability exists in the Tenda G3 formDelPortMapping function, which can be exploited by an attacker to cause a denial of service DoS via a specially crafted request...

AZL-49809 CVE-2024-46852 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix off-by-one in CMA heap fault handler Until VMDONTEXPAND was added in commit 1c1914d6e8c6 "dma-buf: heaps: Don't track CMA dma-buf pages under RssFile" it was possible to obtain a mapping larger than the buffer...

OESA-2024-1548 xorg-x11-server-xwayland security update

Xwayland is an X server for running X clients under Wayland. Security Fixes: A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.CVE-2023-6478 A...

CVE-2024-4123

A vulnerability, which was classified as critical, has been found in Tenda W15E 15.11.0.14. Affected by this issue is the function formSetPortMapping of the file /goform/SetPortMapping. The manipulation of the argument...

kernel: iommufd: Check for uptr overflow

A flaw was found in the iommufd subsystem of the Linux kernel. When setting up a mapping with a user virtual address that wraps past zero or otherwise triggers a pointer/size overflow, the kernel may fail to properly validate and constrain the user-provided values. This can result in a buffer...

CVE-2021-45996

Tenda routers G1 and G3 v15.11.0.179502CN were discovered to contain a stack overflow in the function formSetPortMapping. This vulnerability allows attackers to cause a Denial of Service DoS via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExtern...

Blktrace Buffer Overflow Vulnerability

blktrace a.k.a. Block IO Tracing is a Linux-based tool for collecting IO information from disks. A buffer overflow vulnerability exists in the 'devmapread' function of the btt/devmap.c file in version 1.2.0 of blktrace, which stems from an array of devices and devno's being too small. When used...

GraphicsMagick Heap Overflow Vulnerability

GraphicsMagick is the Swiss Army Knife of image processing. The short and compact code provides a robust and efficient collection of tools and libraries. GraphicsMagick WPG format reader fails to check if a color mapping table entry is greater than 256, leading to a potential heap overflow...