3088 matches found
CVE-2023-4130 ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea()
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix wrong next length validation of ea buffer in smb2_set_ea() There are multiple smb2_ea_info buffers in FILE_FULL_EA_INFORMATION request from client. ksmbd finds the next smb2_ea_info using ->NextEntryOffset of current smb2_ea_info. ksmbd...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a comedi pcl812 bit offset out-of-bounds, which could lead to a userspace vulnerability...
Security update for libavif
This update for libavif fixes the following issues: update to 1.3.0: CVE-2025-48175: Fixed integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc#1243270 CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in stream-offset+size...
SUSE-SU-2025:02817-1 Security update for libavif
This update for libavif fixes the following issues: - update to 1.3.0: - CVE-2025-48175: Fixed integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc#1243270 - CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in...
SUSE-SU-2025:02816-1 Security update for libavif
This update for libavif fixes the following issues: - update to 1.3.0: - CVE-2025-48175: Fixed integer overflows in multiplications involving rgbRowBytes, yRowBytes, uRowBytes, and vRowBytes. bsc#1243270 - CVE-2025-48174: Fixed an integer overflow and resultant buffer overflow in...
Linux Distros Unpatched Vulnerability : CVE-2018-12387
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes...
Linux Distros Unpatched Vulnerability : CVE-2023-53002
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/i915: Fix a memory leak with reused mmap_offset drm_vma_node_allow and drm_vma_node_revoke should be called in balanced pairs. We call drm_vma_node_allow once per-fil...
Linux Distros Unpatched Vulnerability : CVE-2022-49993
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - loop: Check for overflow while configuring loop The userspace can configure a loop using an ioctl call, wherein a configuration of type loop_config is passed se...
Netis WF2880 security vulnerability
The Netis WF2880 is a wireless router from the Chinese company Netis. A buffer overflow vulnerability exists in the Netis WF2880 FUN0047151c function, which can be exploited by an attacker to cause a denial of service attack...
BIT-PYTHON-2025-8194 Tarfile infinite loop during parsing with negative member offset
There is a defect in the CPython “tarfile” module affecting the “TarFile” extraction and entry enumeration APIs. The tar implementation would process tar archives with negative offsets without error, resulting in an infinite loop and deadlock during the parsing of maliciously crafted tar archives...
Linux Distros Unpatched Vulnerability : CVE-2024-45014
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: s390/boot: Avoid possible physmem_info segment corruption When physical memory for the kernel...
Linux Distros Unpatched Vulnerability : CVE-2022-48424
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An unhandled page fault may occur. CVE-2022-48424 Note that Ness...
Linux Distros Unpatched Vulnerability : CVE-2025-22122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio 4GB folio is possible on some ARCHs, such as aarch64, 16GB...
Linux Distros Unpatched Vulnerability : CVE-2024-58000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent reg-wait speculations With ENTER_EXT_ARG_REG instead of passing a user pointer...
Linux Distros Unpatched Vulnerability : CVE-2023-52769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU...
Linux Distros Unpatched Vulnerability : CVE-2024-46708
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: x1e80100: Fix special pin offsets Remove the erroneous 0x100000 offset to...
Linux Distros Unpatched Vulnerability : CVE-2022-49848
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: phy: qcom-qmp-combo: fix NULL-deref on runtime resume Commit fc64623637da phy:...
CVE-2025-54885
Thinbus Javascript Secure Remote Password is a browser SRP6a implementation for zero-knowledge password authentication. In versions 2.0.0 and below, a protocol compliance bug causes the client to generate a fixed 252 bits of entropy instead of the intended bit length of the safe prime defaulted t...
Linux Distros Unpatched Vulnerability : CVE-2024-42293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Fix lockless walks with static and dynamic page-table folding Lina reports random...
Security update for xz
This update for xz fixes the following issues: CVE-2025-31115: Fixed heap use after free and writing to an address based on the null pointer plus an offset bsc#1240414 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper...