Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Soundwire: Cadence – fix invalid PDI offset For some reason, we added an offset to the PDI field. presumably to skip the PDI0 and PDI1, which are reserved for BPT. However, this code is completely incorrect and leads to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989802 advisory. In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumab...

MAL-2025-13107 Malicious code in @zalastax/nolb-pdi (npm)

The package @zalastax/nolb-pdi was found to contain malicious code...

Malicious code in @zalastax/nolb-pdi (npm)

The package @zalastax/nolb-pdi was found to contain malicious code...

SUSE CVE-2024-38635

In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access...

CVE-2024-38635

CVE-2024-38635 pertains to the Linux kernel soundwire cadence driver. The root cause was an incorrect PDI offset that added an offset to the PDI array, risking out-of-bounds access. A follow-up patch completely removes this useless offset. The Fixes tag was not provided because no known platforms...

CVE-2024-38635 soundwire: cadence: fix invalid PDI offset

In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access...

CVE-2024-38635 soundwire: cadence: fix invalid PDI offset

In the Linux kernel, the following vulnerability has been resolved: soundwire: cadence: fix invalid PDI offset For some reason, we add an offset to the PDI, presumably to skip the PDI0 and PDI1 which are reserved for BPT. This code is however completely wrong and leads to an out-of-bounds access...

CVE-2021-41794

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

Buffer overflow

ogsfqdnparse in Open5GS 1.0.0 through 2.3.3 inappropriately trusts a client-supplied length value, leading to a buffer overflow. The attacker can send a PFCP Session Establishment Request with "internet" as the PDI Network Instance. The first character is interpreted as a length value to be used ...

Pentaho Data Integration (PDI) Suite Information Disclosure Vulnerability - Active Check

Pentaho PDI Suite is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

U.S. Defense Information Systems Agency (DISA) Unix Security Readiness Review (SRR) root compromise / VU#433821

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Executive Summary - ----------------- Unprivileged local users can obtain root access on Unix systems where the DISA SRR scripts are run. If a remote user can introduce a file into the filesystem e.g. anonymous ftp, http upload, cdrom, samba share,...