389 matches found
CVE-2026-23275
CVE-2026-23275 (Linux kernel, io_uring): The issue arises when DEFER_TASKRUN | SETUP_TASKRUN are used and task work is added while the ring is resized, allowing an overlap window where IORING_SQ_TASKRUN could be OR’ed on the old/new rings during swapping. The fix adds a 2nd rings pointer, →rings_...
CVE-2026-23275 io_uring: ensure ctx->rings is stable for task work flags manipulation
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...
CVE-2026-23275 io_uring: ensure ctx->rings is stable for task work flags manipulation
In the Linux kernel, the following vulnerability has been resolved: iouring: ensure ctx-rings is stable for task work flags manipulation If DEFERTASKRUN | SETUPTASKRUN is used and task work is added while the ring is being resized, it's possible for the OR'ing of IORINGSQTASKRUN to happen in the...
PT-2026-26764
Name of the Vulnerable Software and Affected Versions Vikunja versions prior to 2.2.0 Description The software is susceptible to a denial-of-service DoS condition triggered by unbounded image decoding and resizing during preview generation. An attacker can exploit this by providing a highly...
Vikunja Affected by DoS via Image Preview Generation
Vulnerability: Unbounded image decoding and resizing during preview generation lets an attacker exhaust CPU and memory with highly compressed but extremely large-dimension images. - Affected code: - Decoding without bounds: taskattachment.go:GetPreview - Resizing path: resizeImage - Endpoint...
OpenStack Nova 安全漏洞
OpenStack Nova is a core computing service component of the OpenStack open-source framework. Versions of OpenStack Nova prior to 30.2.2, 31.2.1, and 32.1.1 have security vulnerabilities. These vulnerabilities stem from the Flat image backend’s failure to apply format restrictions when processing...
USN-8049-1: Nova vulnerability
Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use this issue to destroy data on the host system...
PT-2026-20566
Dan Smith discovered that Nova incorrectly called qemu-img without a format restriction when resizing disks. An attacker could possibly use this issue to destroy data on the host system...
[SECURITY] Fedora 43 Update: xorgxrdp-0.10.5-1.fc43
xorgxrdp is a set of X11 modules that make Xorg act as a backend for xrdp. Xorg with xorgxrdp is the most advanced xrdp backend with support for screen resizing and multiple monitors...
[SECURITY] Fedora 42 Update: xorgxrdp-0.10.5-1.fc42
xorgxrdp is a set of X11 modules that make Xorg act as a backend for xrdp. Xorg with xorgxrdp is the most advanced xrdp backend with support for screen resizing and multiple monitors...
GHSA-HRR4-3WGR-68X3 Navidrome affected by Denial of Service and disk exhaustion via oversized `size` parameter in `/rest/getCoverArt` and `/share/img/<token>` endpoints
Summary Authenticated users can crash the Navidrome server by supplying an excessively large size parameter to /rest/getCoverArt or to a shared-image URL /share/img/. When processing such requests, the server attempts to create an extremely large resized image, causing uncontrolled memory growth...
MiracleLinux 3 : nss_ldap-253-12AXS3 (AXSA:2008-381:03)
The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2008-381:03 advisory. The nssldap package contains the nssldap and pamldap modules. The nssldap module is a plug-in which allows applications to retrieve information about users an...
MiracleLinux 8 : kernel-4.18.0-553.66.1.el8_10 (AXSA:2025-10755:54)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10755:54 advisory. kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kernel: memstick: rtsxusbms: Fix slab-use-after-free in...
MiracleLinux 7 : kernel-3.10.0-1160.119.1.0.14.el7.AXS7 (AXSA:2025-10933:76)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10933:76 advisory. x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992425)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992425 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991147)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991147 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the...
CVE-2023-53800
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...
SUSE CVE-2023-53800
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...
Linux Distros Unpatched Vulnerability : CVE-2023-53800
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN:...
CVE-2023-53800
In the Linux kernel, the following vulnerability has been resolved: ubi: Fix use-after-free when volume resizing failed There is an use-after-free problem reported by KASAN: ================================================================== BUG: KASAN: use-after-free in ubiebacopytable+0x11f/0x1c...