Lucene search
K

30 matches found

AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: tpm2-sessions: Fixed an out-of-range indexing issue in namesize. namesize does not have any range checks; it simply indexes using TPMALGID, which could lead to memory corruption in extreme cases. The issue is addressed by only...

6.4AI score0.00166EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: f2fs: avoided format-overflow warnings With GCC and the W=1 option, there is a warning like this: fs/f2fs/compress.c: In the function ‘f2fsinitpagearraycache’: fs/f2fs/compress.c:1984:47: Error: The ‘%u’ directive is writing 1 to...

7.8CVSS5.2AI score0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/14 5:26 p.m.7 views

CVE-2026-54412

LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqttunpackpublishresponse function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to...

8.8CVSS5.5AI score0.00407EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.8 views

CVE-2026-47329

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses...

3.3CVSS5.4AI score0.00092EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2026/05/31 8:2 a.m.5 views

Gnutls: gnutls: certificate validation bypass due to oversized subject alternative name

...

8.2CVSS5.4AI score0.00423EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2026/05/28 12:0 a.m.16 views

CVE-2026-47329

Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses...

3.3CVSS5.8AI score0.00092EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2026/01/15 12:26 a.m.5 views

SUSE CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

6.3CVSS6.6AI score0.00166EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/01/15 12:24 a.m.4 views

CVE-2025-68792

An out-of-bounds array indexing flaw was found in the Linux kernel's TPM2 session handling code. The namesize lookup function uses TPMALGID values directly as array indices without bounds checking. An unrecognized algorithm ID could cause out-of-bounds memory access, potentially leading to memory...

5.5CVSS5.4AI score0.00166EPSS
Exploits0References4
NVD
NVD
added 2026/01/13 4:16 p.m.6 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

0.00166EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2026/01/13 4:16 p.m.8 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

5.8AI score0.00166EPSS
Exploits0References10
OSV
OSV
added 2026/01/13 4:16 p.m.2 views

UBUNTU-CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

5.7AI score0.00166EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/01/13 3:29 p.m.19 views

CVE-2025-68792 tpm2-sessions: Fix out of range indexing in name_size

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

0.00166EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/13 3:29 p.m.4 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

5.2AI score0.00166EPSS
Exploits0References4Affected Software1
CVE
CVE
added 2026/01/13 3:29 p.m.12 views

CVE-2025-68792

The CVE-2025-68792 issue is in the Linux kernel’s TPM 2.0 sessions code. It fixes an out-of-range indexing in name_size (no range checks on name_size leading to potential memory corruption) by validating known TPM_ALG_ID values and returning -EINVAL for unrecognized inputs. Additional fixes make ...

6.2AI score0.00166EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/01/13 3:29 p.m.3 views

CVE-2025-68792

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

5.5AI score0.00166EPSS
Exploits0
OSV
OSV
added 2026/01/13 3:29 p.m.3 views

CVE-2025-68792 tpm2-sessions: Fix out of range indexing in name_size

In the Linux kernel, the following vulnerability has been resolved: tpm2-sessions: Fix out of range indexing in namesize 'namesize' does not have any range checks, and it just directly indexes with TPMALGID, which could lead into memory corruption at worst. Address the issue by only processing...

6.5AI score0.00166EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of range checking in namesize in tpm2-sessions, which could lead to out-of-bounds indexing...

5.8AI score0.00166EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/30 12:0 a.m.4 views

PT-2026-2524

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the tpm2-sessions component where the name size variable lacks range checks. This could allow for out-of-range indexing, potentially leading to memory...

5.5CVSS5.3AI score0.00166EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/09/12 4:57 a.m.1 views

CVE-2025-10094 Improper Validation of Specified Quantity in Input in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 10.7 before 18.1.6, 18.2 before 18.2.6, and 18.3 before 18.3.2 that could have allowed authenticated users to disrupt access to token listings and related administrative operations by creating tokens with excessively large...

6.5CVSS6.4AI score0.00426EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/08/21 8:20 a.m.4 views

Security update for net-tools

This update for net-tools fixes the following issues: Provide more readable error for interface name size checking bsc1243581 Perform bound checks when parsing interface labels in /proc/net/dev bsc1243581, bsc1246608. CVE-2025-46836 Patch Instructions: To install this SUSE update use the SUSE...

6.6CVSS7.3AI score0.00158EPSS
Exploits0References6
Rows per page
Query Builder