11 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is validated by...
GHSA-CX3H-4QPV-8HC9 Tornado has out-of-bounds memory access via C extension
Summary Tornado's optional native extension tornado.speedups implements websocketmask without validating that the mask argument is exactly four bytes long. The C function reads four bytes from mask unconditionally, even when Python passes a shorter byte string. This can read beyond the provided...
Linux Distros Unpatched Vulnerability : CVE-2025-21679
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: btrfs: add the missing error handling inside getcanonicaldevpath Inside function...
DEBIAN-CVE-2025-37944
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12kdpmonsrngprocess Currently, ath12kdpmonsrngprocess uses ath12khalsrngsrcgetnextentry to fetch the next entry from the destination ring. This is incorrect because...
CVE-2021-47393 hwmon: (mlxreg-fan) Return non-zero value when fan current state is enforced from sysfs
In the Linux kernel, the following vulnerability has been resolved: hwmon: mlxreg-fan Return non-zero value when fan current state is enforced from sysfs Fan speed minimum can be enforced from sysfs. For example, setting current fan speed to 20 is used to enforce fan speed to be at 100% speed, 19...
ALPINE-CVE-2021-36411
An issue has been found in libde265 v1.0.8 due to incorrect access control. A SEGV caused by a READ memory access in function deriveboundaryStrength of deblock.cc has occurred. The vulnerability causes a segmentation fault and application crash, which leads to remote denial of service...
The vulnerability of the SMB2_negotiate function (fs/cifs/smb2pdu.c) in the Linux operating system allows a hacker to execute arbitrary code.
The vulnerability of the SMB2negotiate function fs/cifs/smb2pdu.c in the Linux operating system is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code...
CVE-2019-8381
An issue was discovered in Tcpreplay 4.3.1. An invalid memory access occurs in dochecksum in checksum.c. It can be triggered by sending a crafted pcap file to the tcpreplay-edit binary. It allows an attacker to cause a Denial of Service Segmentation fault or possibly have unspecified other impact...
CVE-2018-14403
Removed by vendor...
CVE-2016-9386
The x86 emulator in Xen does not properly treat x86 NULL segments as unusable when accessing memory, which might allow local HVM guest users to gain privileges via vectors involving "unexpected" base/limit values...
CVE-2007-6354
Unspecified vulnerability in exiftags before 1.01 has unknown impact and attack vectors, resulting from a "field offset overflow" that triggers an "illegal memory access," a different vulnerability than CVE-2007-6355...