2 matches found
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : ngtcp2 vulnerability (USN-8300-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8300-1 advisory. Zou Dikai discovered that ngtcp2 serialized peer transport parameters into a fixed 1024-byte stack buffer without bounds checking...
grub2: Stack buffer overflow in grub_parser_split_cmdline()
A flaw was found in grub2. Variable names present are expanded in the supplied command line into their corresponding variable contents, using a 1kB stack buffer for temporary storage, without sufficient bounds checking. If the function is called with a command line that references a variable with...