3088 matches found
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: vfio/platform: checking the bounds of read/write syscalls. The count and offset parameters are passed from user space without being checked. Only the offset is capped at 40 bits, which can be used to read/write data beyond the...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: filemap: Avoid truncating the 64-bit offset to 32 bits. On 32-bit kernels, the folio_seek_hole_data function inadvertently truncated a 64-bit value to 32 bits, which could lead to an infinite loop when writing to an xfs filesystem...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: iomap: Avoid truncating the 64-bit offset to 32 bits. On 32-bit kernels, iomap_write_delalloc_scan inadvertently used a 32-bit position due to folio_next_index returning an unsigned long value. This could lead to an infinite loop when...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: HWS, fix the definer’s HWS_SET32 macro for negative offsets. When the bit offset of the HWS_SET32 macro is negative, UBSAN reports an out-of-bounds shift. UBSAN: out-of-bounds in...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: An out-of-bounds error in parse_sec_desc has been fixed. If osidoffset, gsidoffset, and dacloffset can be greater than the smb_ntsd struct size. If they are smaller, it may lead to an out-of-bounds situation. Additionally, when...
Vulnerability of components of Linux operating system’s kernel, net/smc, allowing a hacker to trigger a service failure
The vulnerability of the net/smc components in Linux operating systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure by sending specially crafted data with parameters such as v2_ext_offset, eid_cnt, and ism_gid_cnt...
CVE-2024-53017 Use of Out-of-range Pointer Offset in Camera Driver
Memory corruption while handling test pattern generator IOCTL command...
CVE-2024-53017
CVE-2024-53017 concerns Qualcomm chipsets where the camera driver’s Test Pattern Generator IOCTL handling can trigger memory corruption. Multiple connected sources align on a root cause described as “Use of Out-of-range Pointer Offset in Camera Driver,” with local exploitation potential and parti...
SUSE CVE-2025-46806
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures. This issue affects sslh before 2.2.4...
CVE-2025-46806
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures. This issue affects sslh before 2.2.4...
DEBIAN-CVE-2025-46806
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures. This issue affects sslh before 2.2.4...
UBUNTU-CVE-2025-46806
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures. This issue affects sslh before 2.2.4...
CVE-2025-46806
A flaw was found in sslh. This vulnerability allows an application-level denial of service via an out-of-range pointer offset on certain architectures. Mitigation: Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria...
CVE-2025-46806 Misaligned Memory Accesses in `is_openvpn_protocol()`
A Use of Out-of-range Pointer Offset vulnerability in sslh leads to denial of service on some architectures. This issue affects sslh before 2.2.4...
Feng Office Injection Vulnerability
Feng Office, formerly known as OpenGoo, is an open source online office system by the Feng Office team. The system provides task management, schedule management, document management and email sending and receiving functions. An injection vulnerability exists in Feng Office version 3.5.1.5, which...
CVE-2024-33043
Transient DOS while handling PS event when Program Service name length offset value is set to 255...
CVE-2024-42383
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows writing a NULL byte value beyond the memory space dedicated for the hostname field...
CVE-2023-22727
CakePHP is a development framework for PHP web apps. In affected versions the Cake\Database\Query::limit and Cake\Database\Query::offset methods are vulnerable to SQL injection if passed un-sanitized user request data. This issue has been fixed in 4.2.12, 4.3.11, 4.4.10. Users are advised to...