3078 matches found
CVE-2025-68811
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
AZL-74483 CVE-2025-68794 affecting package kernel for versions less than 6.6.121.1-1
In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomapadjustreadrange assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case...
CVE-2025-68811
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
UBUNTU-CVE-2025-68811
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
CVE-2025-68811
This CVE-2025-68811 concerns the Linux kernel svcrdma path. The root cause is in svc_rdma_copy_inline_range where rc_curpage (page index) was used in the page base instead of the byte offset rc_pageoff, causing memcpy operations to land incorrectly within a page. The advisory/entries in Red Hat, ...
CVE-2025-68811 svcrdma: use rc_pageoff for memcpy byte offset
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
CVE-2025-68811 svcrdma: use rc_pageoff for memcpy byte offset
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
CVE-2025-68794 iomap: adjust read range correctly for non-block-aligned positions
In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomapadjustreadrange assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case...
CVE-2025-68794
CVE-2025-68794 concerns a Linux kernel iomap read-range calculation bug where iomap_adjust_read_range() assumed block alignment for position and length. The issue could cause over-skipping of bytes for uptodate blocks, leading to an incorrect read position/length and, in the worst case, an underf...
CVE-2025-68794 iomap: adjust read range correctly for non-block-aligned positions
In the Linux kernel, the following vulnerability has been resolved: iomap: adjust read range correctly for non-block-aligned positions iomapadjustreadrange assumes that the position and length passed in are block-aligned. This is not always the case however, as shown in the syzbot generated case...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Check the untrusted offset in FF-A memory share Verify the offset to prevent OOB access in the hypervisor FF-A buffer in case an untrusted large enough value U32MAX - sizeofstruct ffacompositememregion + 1, U32MAX is...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix PPMAGICMASK to avoid crashing on some 32-bit arches Helge reported that the introduction of PPMAGICMASK let to crashes on boot on his 32-bit parisc machine. The cause of this is the mask is set too wide, so the...
PT-2026-2543
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s svcrdma functionality related to memory copying. Specifically, the svc rdma copy inline range function incorrectly added the page index rc curpage to...
K000159061: Linux kernel vulnerability CVE-2024-56626
Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix Out-of-Bounds Write in ksmbdvfsstreamwrite. An offset from client could be a negative value, it could allows to write data outside the bounds of the allocated buffer. Note that this issue ...
kernel: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()
A flaw exists in the Linux kernel’s HID multitouch driver function mtreportfixup in drivers/hid/hid-multitouch.c. A malicious HID device may supply a report descriptor smaller than 607 bytes; the function then attempts to access and patch byte offset 607 without first verifying the descriptor...
CVE-2019-11592
WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews.php, admin/editbannersuser.php, admin/editfaqscategory.php, or admin/excludeuser.php, or the offset parameter to admin/edituser.php...
CVE-2022-0614
Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2...
Moderate: Red Hat Security Advisory: python3.12 security update
An update for python3.12 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...
cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked
A zip file handling flaw has been discovered in the python standard library zipfile module. The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to locate the ZIP64 EOCD record, instead the ZIP64 EOCD record wou...