Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: ext4: add reserved GDT blocks check We capture a NULL pointer issue when resizing a corrupt ext4 image which is freshly clear resizeinode feature not run e2fsck. It could be simply reproduced by following steps. The problem is...

Linux Distros Unpatched Vulnerability : CVE-2026-31596

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: handle invalid dinode in ocfs2groupextend BUG kernel BUG at fs/ocfs2/resize.c:308! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP:...

CVE-2026-33021

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain a use-after-free vulnerability in sixelencoderencodebytes because sixelframeinit stores the caller-owned pixel buffer pointer directly in frame-pixels without making a defensive copy...

SUSE-SU-2026:20268-1 Security update for abseil-cpp

This update for abseil-cpp fixes the following issues: Update to version 20230802.3: - CVE-2025-0838: Fixed potential integer overflow in hash container create/resize 1813 bsc1237543...

UBUNTU-CVE-2023-53718

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not swap cpubuffer during resize process When ringbufferswapcpu was called during resize process, the cpu buffer was swapped in the middle, resulting in incorrect state. Continuing to run in the wrong state will...

Linux Distros Unpatched Vulnerability : CVE-2023-52672

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pipe: wakeup wrwait after setting maxusage Commit c73be61cede5 pipe: Add general notificatio...

UBUNTU-CVE-2022-50020

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration...

DEBIAN-CVE-2024-50279

In the Linux kernel, the following vulnerability has been resolved: dm cache: fix out-of-bounds access to the dirty bitset when resizing dm-cache checks the dirty bits of the cache blocks to be dropped when shrinking the fast device, but an index bug in bitset iteration causes out-of-bounds acces...

DEBIAN-CVE-2023-52705

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFSSB2OFFSETBYTES, which computes the position of the second superblock, underflows when the argument device size is less than 4096 bytes. Therefore, when...

UBUNTU-CVE-2023-52622

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbgsize, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARNO...

DEBIAN-CVE-2023-41056

Redis is an in-memory database that persists on disk. Redis incorrectly handles resizing of memory buffers which can result in integer overflow that leads to heap overflow and potential remote code execution. This issue has been patched in version 7.0.15 and 7.2.4...

DEBIAN-CVE-2022-22741

When resizing a popup while requesting fullscreen access, the popup would have become unable to leave fullscreen mode. This vulnerability affects Firefox ESR 91.5, Firefox 96, and Thunderbird 91.5...

kernel: ext4: add reserved GDT blocks check

A flaw was found in the ext4 module in the Linux kernel. Resizing a corrupt ext4 image can cause a NULL pointer dereference due to a missing check if the reserved GDT blocks is zero when the resizeinode feature is disabled, resulting in a denial of service...

OPENSUSE-SU-2021:1249-1 Security update for gifsicle

This update for gifsicle fixes the following issues: Update to version 1.93: Fix security bug on certain resize operations with --resize-method=box Fix problems with colormapless GIFs. Update to version 1.92 Add --lossy option from Kornel Lipiński. Remove an assertion failure possible with...

PYSEC-2021-291

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in applications serving models using tf.rawops.NonMaxSuppressionV5 by triggering a division by 0. The implementation uses a user controlled argument to resize a...

DEBIAN-CVE-2018-14337

The CHECK macro in mrbgems/mruby-sprintf/src/sprintf.c in mruby 1.4.1 contains a signed integer overflow, possibly leading to out-of-bounds memory access because the mrbstrresize function in string.c does not check for a negative length...