PT-2025-53128

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the fs/ntfs3 component. A UBSAN Undefined Behavior Sanitizer error can occur in the true sectors per clst function, specifically due to a...

OPENSUSE-SU-2025:0147-1 Security update for mozjs102

This update for mozjs102 fixes the following issue: - CVE-2024-56431: avoid negative shift in huffdec.c bsc1234837...

Security update for mozjs60

This update for mozjs60 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : mozjs52 (SUSE-SU-2025:1340-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:1340-1 advisory. - CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Tenable has extracted the preceding...

Security update for mozjs52

This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

SUSE-SU-2025:1340-1 Security update for mozjs52

This update for mozjs52 fixes the following issues: - CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837...

Security update for mozjs52

This update for mozjs52 fixes the following issues: CVE-2024-56431: Fixed a negative shift in huffdec.c bsc1234837. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from the iscsiibft module generating negative shift indices when processing IPv6 subnet masks, triggering a UBSA...

CVE-2022-49553

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectorsperclusters When the NTFS BOOT sectorsperclusters field is 0x80, it represents a shift value. Make sure that the shift value is not too large before using it NTFS max cluster size is 2MB. Return...

SUSE CVE-2024-56431

ochufftreeunpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash...

EUVD-2024-53141

ochufftreeunpack in huffdec.c in libtheora in Theora through 1.0 7180717 has an invalid negative left shift. NOTE: this is disputed by third parties because there is no evidence of a security impact, e.g., an application would not crash...

SUSE CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...

DEBIAN-CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...

UBUNTU-CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2 returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shif...

CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...

CVE-2024-26851

CVE-2024-26851 concerns the Linux kernel netfilter nf_conntrack_h323 path. The issue arises when decoding H.323 ras messages: an abnormal skb->data can cause the extension bitmap length to exceed 32, leading to a length-based shift that may become negative and trigger UBSAN reports. The workar...

zlib: Undefined left shift of negative number

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers...