9 matches found
CVE-2026-10652
Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...
CVE-2026-43062
CVE-2026-43062 concerns the Linux kernel Bluetooth L2CAP path, where l2cap_ecred_reconf_rsp() incorrectly casts incoming data to struct l2cap_ecred_conn_rsp instead of struct l2cap_ecred_reconf_rsp. This type confusion causes: (1) the length check to require 8 bytes instead of 2, rejecting valid ...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: media: venus: Added a check for the packet size after reading from shared memory. A check was added to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory...
media: venus: Add a check for packet size after reading from shared memory
...
AZL-66944 CVE-2025-39710 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710 media: venus: Add a check for packet size after reading from shared memory
In the Linux kernel, the following vulnerability has been resolved: media: venus: Add a check for packet size after reading from shared memory Add a check to ensure that the packet size does not exceed the number of available words after reading the packet header from shared memory. This ensures...
CVE-2025-39710
CVE-2025-39710: In the Linux kernel, the Venus media driver adds a packet-size validation after reading the header from shared memory to ensure the reported size cannot exceed the number of available words. This fixes potential out-of-bounds memory accesses by firmware-provided sizes. The fix tar...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an insufficient MTU check, which could lead to a crash...
PJSIP 缓冲区错误漏洞
PJSIP is a free and open source multimedia communications library written in C that implements standards-based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. PJSIP suffers from a buffer error vulnerability that arises from the fact that if an incoming "RTCP BYE" message contains a reason...