327 matches found
DEBIAN-CVE-2023-53778
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
CVE-2023-53778
The CVE-2023-53778 entry concerns the Linux kernel, specifically the accel/qaic path and DMA mapping logic. The described fix relocates and clarifies overflow checks in map_user_pages() and encode_dma(): a remaining variable replaces previous size checks, and a new condition checks if in_trans-&g...
CVE-2023-53778 accel/qaic: Clean up integer overflow checking in map_user_pages()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in mapuserpages The encodedma function has some validation on intrans-size but it would be more clear to move those checks to findandmapuserpages. The encodedma had two checks: if...
PT-2025-49638
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the accel/qaic component related to integer overflow checking within the map user pages function. The encode dma function previously had validation on...
PT-2025-49711
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the loop device implementation. Specifically, a check is missing in the loop set status from info function before reassigning values to lo-lo offs...
UBUNTU-CVE-2025-40291
In the Linux kernel, the following vulnerability has been resolved: iouring: fix regbuf vector size truncation There is a report of ioestimatebvecsize truncating the calculated number of segments that leads to corruption issues. Check it doesn't overflow "int"s used later. Rough but simple, can b...
CLSA-2025-1764280893 ImageMagick: Fix of CVE-2025-62171
CVE-2025-62171: add overflow check before calculating extent in the BMP decoder...
libnftnl has Heap-based Buffer Overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::withpagesize constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch...
GHSA-2FJW-WHXM-9V4Q libnftnl has Heap-based Buffer Overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::withpagesize constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch...
CVE-2025-40159 xsk: Harden userspace-supplied xdp_desc validation
In the Linux kernel, the following vulnerability has been resolved: xsk: Harden userspace-supplied xdpdesc validation Turned out certain clearly invalid values passed in xdpdesc from userspace can pass xp,unalignedvalidatedesc and then lead to UBs or just invalid frames to be queued for xmit...
kernel: usbnet: ipheth: fix possible overflow in DPE length check
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...
CLSA-2025-1762191563 qt5-qtbase: Fix of CVE-2023-51714
CVE-2023-51714: fix incorrect HPack integer overflow check in hpacktable.cpp...
CVE-2025-40068 fs: ntfs3: Fix integer overflow in run_unpack()
In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2025-2296)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ipv6: fix panic when forwarding a pkt with no in6 devCVE-2022-49048 netfilter: conntrack: revisit gc autotuningCVE-2022-49110 bpf, sockmap: Fix...
PT-2025-52917
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An integer overflow issue exists in the Linux kernel's asymmetric key handling. Specifically, a potential overflow can occur when adding binary blob lengths and the size of an asymmetric...
📄 Transmission Torrent Parsing Integer Overflows
Torrent file parsing in Transmission suffers from multiple integer overflow vulnerabilities. I took a look at torrent file parsing in libtransmission, there are a few integer overflows because the trnew/trnew0 allocation wrappers don't handle overflow. define trnewstructtype, nstructs \ structtyp...
Heap-buffer-overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::withpagesize constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch...
RUSTSEC-2025-0126 Heap-buffer-overflow in nftnl::Batch::with_page_size (nftnl-rs)
A heap-buffer-overflow vulnerability exists in the Rust wrapper for libnftnl, triggered via the nftnl::Batch::withpagesize constructor. When a small or malformed page size is provided, the underlying C code allocates an insufficient buffer, leading to out-of-bounds writes during batch...
EUVD-2016-7434
Malware in sbrugna...
EUVD-2014-9785
Malware in sbrugna...