Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vduse: It is now checked that the offset is within the bounds when calling getconfig. This check only examines len, not offset. This could lead to an out-of-bounds read if offset dev-configsize. The issue arises because both...

EUVD-2026-30968

Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handlecomposecommand function in kitty/graphics.c performs bounds validation on composition offsets using unsigned 32-bit arithmetic that is subject to integer wrapping, potentially leading to Heap Buffer...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a comedi pcl812 bit offset out-of-bounds, which could lead to a userspace vulnerability...

CVE-2021-47604

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

DEBIAN-CVE-2021-47604

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

CVE-2021-47604 vduse: check that offset is within bounds in get_config()

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in getconfig This condition checks "len" but it does not check "offset" and that could result in an out of bounds read if "offset dev-configsize". The problem is that since both variables...

GSD-2021-1002733 vduse: check that offset is within bounds in get_config()

vduse: check that offset is within bounds in getconfig This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.11 by commit...

BlueZ 缓冲区错误漏洞

BlueZ is a Bluetooth protocol stack written in C. It is primarily used to provide support for the core Bluetooth layers and protocols. BlueZ suffers from a buffer overflow vulnerability that stems from the clifeatreadcb function in src/gatt-database.c failing to perform a bounds check on the...

CVE-2021-3588

The clifeatreadcb function in src/gatt-database.c does not perform bounds checks on the 'offset' variable before using it as an index into an array for reading...