Lucene search

6944 matches found

Snyk
added 2025/04/21 1:40 a.m. | 3 views

Off-by-one Error

Overview: Affected versions of this package are vulnerable to Off-by-one Error in the ParseRTR function in rtr.go. An attacker can cause a crash by sending an RTR message of unexpected length. Details: Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to...

CVSS 9.8 | AI score 7.1 | EPSS 0.00474
Exploits: 0 | References: 2
ATTACKERKB
added 2025/04/18 7:15 a.m. | 5 views

CVE-2025-39930

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for device node") uses __free(device_node) for dlc->of_node, but we need to keep it while driver is i...

CVSS 5.5 | AI score 5.6 | EPSS 0.00196
Exploits: 0 | References: 5 | Affected Software: 1
OSV
added 2025/04/18 7:15 a.m. | 1 views

DEBIAN-CVE-2025-38240

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: drm_err => dev_err in HPD path to avoid NULL ptr. The function mtk_dp_wait_hpd_asserted() may be called before the `mtk_dp->drm_dev` pointer is assigned in mtk_dp_bridge_attach(). Specifically it can be called via this callpath: -...

CVSS 5.5 | AI score 5.6 | EPSS 0.00216
Exploits: 0 | References: 1
OSV
added 2025/04/18 7:15 a.m. | 0 views

UBUNTU-CVE-2025-39930

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for device node") uses __free(device_node) for dlc->of_node, but we need to keep it while driver is i...

CVSS 5.5 | AI score 5.9 | EPSS 0.00196
Exploits: 0 | References: 8
OSV
added 2025/04/18 7:1 a.m. | 3 views

CVE-2025-39930 ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai()

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Don't use __free(device_node) at graph_util_parse_dai() commit 419d1918105e ("ASoC: simple-card-utils: use __free(device_node) for device node") uses __free(device_node) for dlc->of_node, but we need to keep it while driver is i...

CVSS 5.5 | AI score 7.6 | EPSS 0.00196
Exploits: 0 | References: 5
SUSE CVE
added 2025/04/17 1:32 a.m. | 3 views

SUSE CVE-2025-32906

A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

CVSS 8.2 | AI score 6.6 | EPSS 0.00787
Exploits: 0 | References: 17
OSV
added 2025/04/16 6:16 p.m. | 2 views

AZL-60572 CVE-2025-22872 affecting package helm for versions less than 3.15.2-3

The tokenizer incorrectly interprets tags with unquoted attribute values that end with a solidus character (/) as self-closing. When directly using Tokenizer, this can result in such tags incorrectly being marked as self-closing, and when using the Parse functions, this can result in content...

CVSS 6.5 | AI score 6.6 | EPSS 0.0045
Exploits: 0 | References: 1
ATTACKERKB
added 2025/04/16 3:16 p.m. | 1 views

CVE-2025-22117

In the Linux kernel, the following vulnerability has been resolved: ice: fix using untrusted value of pkt_len in ice_vc_fdir_parse_raw() Fix using the untrusted value of proto->raw.pkt_len in function ice_vc_fdir_parse_raw() by verifying if it does not exceed the VIRTCHNL_MAX_SIZE_RAW_PACKET value...

CVSS 5.5 | AI score 5.8 | EPSS 0.00152
Exploits: 0 | References: 4 | Affected Software: 1
CNNVD
added 2025/04/16 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the msm_parse_deps() error code, which could lead to null pointer dereferences...

CVSS 5.5 | AI score 6.4 | EPSS 0.0014
Exploits: 0 | References: 2
BDU FSTEC
added 2025/04/16 12:0 a.m. | 5 views

The vulnerability of the parse_sec_desc() function in the fs/smb/server/smbacl.c module of the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the parse_sec_desc() function in the fs/smb/server/smbacl.c module of the Linux operating system is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS 5.5 | AI score 7 | EPSS 0.00182
Exploits: 0 | References: 8 | Affected Software: 2
Positive Technologies
added 2025/04/15 12:0 a.m. | 5 views

PT-2025-20346

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A double free bug has been identified in the chameleon_parse_gdd() function. When mcb_device_register() fails, the mdev device is released via put_device(). However, if the function then...

CVSS 7.8 | AI score 7 | EPSS 0.00172
Exploits: 0
OSV
added 2025/04/14 2:15 p.m. | 1 views

UBUNTU-CVE-2025-32906

A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server...

CVSS 7.5 | AI score 7 | EPSS 0.00787
Exploits: 0 | References: 6
BDU FSTEC
added 2025/04/14 12:0 a.m. | 3 views

The vulnerability of the `parse_server_interfaces()` function in the `fs/smb/client/smb2ops.c` module allows a hacker to compromise the integrity of protected information or cause service failures for the SMB kernel client of the Linux operating system.

The vulnerability of the parse_server_interfaces() function in the fs/smb/client/smb2ops.c module, which is part of the SMB client support in Linux operating systems, involves a numerical port escape or cyclic shift vulnerability. Exploiting this vulnerability could allow an attacker to compromise th...

CVSS 7.1 | AI score 6.5 | EPSS 0.00407
Exploits: 0 | References: 36 | Affected Software: 5
BDU FSTEC
added 2025/04/14 12:0 a.m. | 5 views

Vulnerability of the parse_qcomsmem_part() function in the drivers/mtd/parsers/qcomsmempart.c module – This is a memory support driver for Linux kernel, which allows an attacker to trigger a system failure.

Vulnerability of the parse_qcomsmem_part() function in the drivers/mtd/parsers/qcomsmempart.c module – Linux kernel’s memory support drivers are vulnerable due to a reliance on the NULL pointer pointer. Exploiting this vulnerability could allow an attacker to cause system failures...

CVSS 5.5 | AI score 5.5 | EPSS 0.00225
Exploits: 0 | References: 10 | Affected Software: 2
CNNVD
added 2025/04/14 12:0 a.m. | 2 views

libsoup buffer error vulnerability

libsoup is a GNOME HTTP client/server library from the GNOME Project. A buffer error vulnerability exists in libsoup, which stems from an out-of-bounds read in the function soup_headers_parse_request(), which could cause the HTTP server to crash...

CVSS 7.5 | AI score 7.7 | EPSS 0.00787
Exploits: 0 | References: 3
BDU FSTEC
added 2025/04/09 12:0 a.m. | 2 views

The vulnerability of the parse_tag() function in the libass/ass_parse.c component of the ASS/SSA subtitle renderer library in Libass allows an attacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the parse_tag() function in the libass/ass_parse.c component of the ASS/SSA subtitle renderer library in Libass is related to the allocation of unlimited memory. Exploiting this vulnerability could allow a malicious actor to gain access to confidential data, compromise its...

CVSS 8.8 | AI score 7.2 | EPSS 0.02628
Exploits: 0 | References: 10 | Affected Software: 3
BDU FSTEC
added 2025/04/09 12:0 a.m. | 4 views

The vulnerability of the parse_module() function in the bfd/vms-alpha.c component of the GNU Binutils development environment allows an attacker to access confidential data and also trigger a service failure.

The vulnerability of the parse_module() function in the bfd/vms-alpha.c component of the GNU Binutils development environment is related to reading data from beyond the allowed buffer limits. Exploiting this vulnerability could allow an attacker to access confidential data and also cause service...

CVSS 6.3 | AI score 6.5 | EPSS 0.00379
Exploits: 0 | References: 9 | Affected Software: 3
AlpineLinux
added 2025/04/05 11:15 p.m. | 2 views

CVE-2025-32366

In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., rdlen=ntohs(rr->rdlen) and memcpy(response+offset,end,rdlen) without a check for whether the sum of end and rdlen exceeds max. Consequently, rdlen may be larger than the amount of remaining...

CVSS 4.8 | AI score 7.3 | EPSS 0.0033
Exploits: 0 | References: 4
SUSE CVE
added 2025/04/05 2:24 a.m. | 3 views

SUSE CVE-2025-21996

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix uninitialized size issue in radeon_vce_cs_parse() On the off chance that command stream passed from userspace via ioctl() call to radeon_vce_cs_parse() is weirdly crafted and first command to execute is to encode case...

CVSS 5.5 | AI score 6.9 | EPSS 0.00165
Exploits: 0 | References: 16
SUSE CVE
added 2025/04/04 2:58 a.m. | 3 views

SUSE CVE-2025-21946

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds in parse_sec_desc() If osidoffset, gsidoffset and dacloffset could be greater than smb_ntsd struct size. If it is smaller, It could cause slab-out-of-bounds. And when validating sid, It need to check it includ...

CVSS 7.1 | AI score 7.6 | EPSS 0.00182
Exploits: 0 | References: 3