CVE-2026-46209

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

EUVD-2026-32836

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

CVE-2026-46209 drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

PT-2026-44332

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An inconsistency exists in the calculation of sub-sampled plane dimensions within the drm gem fb init with funcs function. While the framebuffer check function uses DIV ROUND UP to round up...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fixed an info leak in hidsubmitctrl. In hidsubmitctrl, the way of calculating the report length does not take into account that report-size can be zero. When running the syzkaller reproducer, a report of size 0 cause...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa – Mitigation of integer overflows in DIVROUNDUP. Herbert notes that DIVROUNDUP may cause unnecessary overflows if the -keysize callback of an ecdsa implementation returns an unusually large value. Instead, Herbert...

SUSE CVE-2025-37984

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIVROUNDUP Herbert notes that DIVROUNDUP may overflow unnecessarily if an ecdsa implementation's -keysize callback returns an unusually large value. Herbert instead suggests for...

UBUNTU-CVE-2025-37984

In the Linux kernel, the following vulnerability has been resolved: crypto: ecdsa - Harden against integer overflows in DIVROUNDUP Herbert notes that DIVROUNDUP may overflow unnecessarily if an ecdsa implementation's -keysize callback returns an unusually large value. Herbert instead suggests for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a DIVROUNDUP integer overflow that could lead to a computation error...

GHSA-2P94-8669-XG86 Vyper's sqrt doesn't define rounding behavior

Vyper's sqrt builtin uses the babylonian method to calculate square roots of decimals. Unfortunately, improper handling of the oscillating final states may lead to sqrt incorrectly returning rounded up results. the fix is tracked in https://github.com/vyperlang/vyper/pull/4486 Vulnerability Detai...

SUSE CVE-2024-26885

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix DEVMAPHASH overflow check on 32-bit arches The devmap code allocates a number hash buckets equal to the next power of two of the maxentries value provided when creating the map. When rounding up to the next power of two,...

potential DOS cause of rounding up at rayMul and rayDiv

Lines of code Vulnerability details Impact In rayMul and rayDiv , there is always rounding up ,cause of that , there will be potential DOS Proof of Concept function normalizeAmount MarketState memory state, uint256 amount internal pure returns uint256 return amount.rayMulstate.scaleFactor; functi...

buyQuote should be rounded up

Lines of code Vulnerability details Impact The buyQuote is not rounded up, which can cause a leak of value, due to the buyQuote being underestimated. Proof of Concept The function Pair.buyQuote does not round up, which can cause the issue described under Impact: function buyQuoteuint256...