10 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : ngtcp2 vulnerability (USN-8300-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8300-1 advisory. Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking...
CVE-2026-9137 CSP Report Endpoint Log Flooding in MISP via Incorrect Size Limit
The CSP report endpoint in MISP intended to limit logged CSP reports to 1 KB but incorrectly allowed reports up to 1 MB before truncation. On deployments where the endpoint is reachable by untrusted clients, this could allow attackers to generate excessive log volume and contribute to resource...
MISP 资源管理错误漏洞
MISP is a set of open-source software solutions developed by MISP. This product is used for collecting, storing, distributing, and sharing network security metrics. It also includes functions such as analyzing threats to network security and malware analysis. MISP has a resource management...
EUVD-2025-205066
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...
PT-2025-48359
Name of the Vulnerable Software and Affected Versions AIS-catcher versions prior to 0.64 Description AIS-catcher is a multi-platform AIS receiver. A heap buffer overflow exists in the AIS::Message class. This allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer...
DEBIAN-CVE-2023-53143
In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4 dev /, .fmrphysical = 0, ,...
UBUNTU-CVE-2023-53143
In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: struct fsmaphead cmd = .fmhcount = ...; .fmhkeys = .fmrdevice = / ext4 dev /, .fmrphysical = 0, ,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a difference-in-one error in the fsmap of the ext4 filesystem at a block size of 1k...
grub2: Stack buffer overflow in grub_parser_split_cmdline()
A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...
grub2: Stack buffer overflow in grub_parser_split_cmdline()
A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...