24 matches found
SUSE CVE-2026-23307
In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the driver, not the transfer_buffer_length which is set by the...
CVE-2026-23307 can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message
In the Linux kernel, the following vulnerability has been resolved: can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message When looking at the data in a USB urb, the actual_length is the size of the buffer passed to the driver, not the transfer_buffer_length which is set by the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992261)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992261 advisory. In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() In az6007_i2c_xfer(), msg is controlled by user...
EUVD-2004-0891
Malware in sbrugna...
EUVD-2023-59776
Malicious code in bioql PyPI...
CVE-2025-39828 atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control().
In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). syzbot reported the splat below. [0] When atmtcp_v_open() or atmtcp_v_close() is called via connect() or close(), atmtcp_send_control() is called to send an in-kernel special message. The...
CVE-2023-53220 media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()
In the Linux kernel, the following vulnerability has been resolved: media: az6007: Fix null-ptr-deref in az6007_i2c_xfer() In az6007_i2c_xfer(), msg is controlled by user. When msg[i].buf is null and msg[i].len is zero, former checks on msg[i].buf would be passed. Malicious data finally reach az6007_i2c_xfer(). If...
CVE-2025-38425
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes...
CVE-2024-57791
In the Linux kernel, the following vulnerability has been resolved: net/smc: check return value of sock_recvmsg when draining clc data When receiving clc msg, the field length in smc_clc_msg_hdr indicates the length of msg should be received from network and the value should not be fully trusted as i...
Qualcomm chip security vulnerability
A Qualcomm chip is a chip made by Qualcomm Incorporated (USA). A chip is a way of miniaturizing circuits (mainly semiconductor devices, but also passive components, etc.) and is often manufactured on the surface of semiconductor wafers. A security vulnerability exists in Qualcomm chips that stems from an incorrec...
FreeBSD : FreeBSD -- Insufficient message length validation in bsnmp library (45a95fdd-f680-11e9-a87f-a4badb2f4699)
A function extracting the length from type-length-value encoding is not properly validating the submitted length. Impact : A remote user could cause, for example, an out-of-bounds read, decoding of unrelated data, or trigger a crash of the software such as bsnmpd resulting in a denial of service....
FreeBSD-SA-19:20.bsnmp
FreeBSD-SA-19:20.bsnmp Security Advisory The FreeBSD Project Topic: Insufficient message length validation in bsnmp library Category: contrib Module: bsnmp Announced:...
CVE-2016-6129
The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, as used in OP-TEE before 2.2.0, does not validate that the message length is equal to the ASN.1 encoded data length, which makes it easier for remote attackers to forge RSA signatures or public certificates by leveraging a...
MGASA-2016-0338 Updated openssl packages fix security vulnerabilities
Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic (CVE-2016-2177). Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code (CVE-2016-2178). Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS (CVE-2016-2179,...
Debian DSA-3673-1 : openssl - security update
Several vulnerabilities were discovered in OpenSSL: - CVE-2016-2177 Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic. Additional information can be found at https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ - CVE-2016-2178 Cesar Pereida, Billy...
DSA-3673-2 openssl - regression update
Bulletin has no description...
DSA-3673-1 openssl - security update
Bulletin has no description...
FreeBSD : FreeBSD -- Insufficient message length validation for EAP-TLS messages (f115f693-36b2-11e2-a633-902b343deec9)
Problem description: The internal authentication server of hostapd does not sufficiently validate the message length field of EAP-TLS messages. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML databa...
Fedora 17 : hostapd-0.7.3-10.fc17 (2012-15759)
EAP-TLS server: Fix TLS Message Length validation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Fedora 16 : hostapd-0.7.3-10.fc16 (2012-15748)
EAP-TLS server: Fix TLS Message Length validation Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...