201 matches found
Decompressing invalid data can leak information from uninitialized memory or reused output buffer
Decompressing invalid LZ4 data with the block API can leak data from uninitialized memory, or leak content from previous decompression operations when reusing an output buffer. The LZ4 block format defines a "match copy operation" which duplicates previously written data or data from a...
PT-2026-28436
Name of the Vulnerable Software and Affected Versions versions prior to 2026 Description The Delete function does not correctly validate offsets when processing malformed JSON input. This can result in a negative slice index and a runtime panic, potentially leading to a denial of service attack...
Security update for gimp
This update for gimp fixes the following issues: CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. CVE-2026-2048: lack of proper validation of...
SUSE CVE-2026-23204
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
CVE-2026-23204
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
CVE-2026-23204
In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...
RLSA-2026:0759 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smb: client: Fix use-after-free in cifsfilldirent CVE-2025-38051 kernel: smb: client: let recvdone verify dataoffset, datalength and remainingdatalength CVE-2025-39933 kernel: drm/i915:...
CVE-2026-0988 Glib: glib: denial of service via integer overflow in g_buffered_input_stream_peek()
A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...
CVE-2026-0988
A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...
CVE-2026-0988
CVE-2026-0988 : A flaw in glib2's g_buffered_input_stream_peek() allows an integer overflow during length calculation due to missing validation of offset/count, leading to an incorrect size passed to memcpy() and a potential buffer overflow, causing DoS. Connected advisories confirm this vulnerab...
UBUNTU-CVE-2026-0988
A flaw was found in glib. Missing validation of offset and count parameters in the gbufferedinputstreampeek function can lead to an integer overflow during length calculation. When specially crafted values are provided, this overflow results in an incorrect size being passed to memcpy, triggering...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
CVE-2025-68760
The CVE-2025-68760 entry concerns a Linux kernel vulnerability in the AMD IOMMU where iommu_mmio_write() validates the user offset against mmio_phys_end - 4 (assuming 4-byte access), but iommu_mmio_show() performs an 8-byte read (readq). If the offset equals mmio_phys_end - 4, this allows a 4-byt...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
CVE-2025-40349
CVE-2025-40349 affects the Linux kernel’s hfs/hfsplus_bmap_alloc path. The bug occurs when hfsplus_bmap_alloc retrieves a bitmap using node info and an offset/length that may exceed node_size, risking slab-out-of-bounds page access. The referenced patch adds validation for both offset and length ...
CVE-2023-53819
In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in amdgpuvmupdaterange when offsetinbo+mapsize overflows. v2: keep the validations in amdgpuvmbomap v3: add the validations to...
PT-2025-49679
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the amdgpu driver related to out-of-bounds access. Specifically, a validation issue exists in the drm amdgpu gem va function concerning the offset...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from amdgpu not validating the offsetinbo of drmamdgpugemva, which could lead to out-of-bounds access...