18 matches found
CVE-2026-32739
A flaw was found in libheif, a HEIF and AVIF file format decoder and encoder. A remote attacker could exploit this vulnerability by providing a specially crafted HEIF High Efficiency Image File Format sequence file. This would trigger an infinite loop during file parsing, consuming 100% CPU...
ALPINE-CVE-2026-32738
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...
CVE-2026-32738
libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...
Linux Distros Unpatched Vulnerability : CVE-2026-33144
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GPAC is an open-source multimedia framework. Prior to commit 86b0e36, a heap-based buffer overflow write vulnerability was discovered in GPAC MP4Box. The...
CVE-2022-50380
In the Linux kernel, the following vulnerability has been resolved: mm: /proc/pid/smapsrollup: fix no vma's null-deref Commit 258f669e7e88 "mm: /proc/pid/smapsrollup: convert to single value seqfile" introduced a null-deref if there are no vma's in the task in showsmapsrollup...
DEBIAN-CVE-2023-53167
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracingerrlogopen Fix an issue in function 'tracingerrlogopen'. The function doesn't call 'seqopen' if the file is opened only with write permissions, which results in 'file-privatedata'...
Linux Distros Unpatched Vulnerability : CVE-2021-33909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an...
Important: kernel
Issue Overview: An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash or a leak of internal kernel information. The issue results from no...
CLSA-2021-1632261987 Fix of CVE: CVE-2021-33909
ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...
OESA-2021-1293 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: fs/seqfile.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka...
The vulnerability in the fs/seq_file.c component of Linux operating systems allows a hacker to increase their privileges.
The vulnerability of the fs/seqfile.c component in Linux operating systems is related to writing beyond the buffer boundaries of memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
kernel: size_t-to-int conversion vulnerability in the filesystem layer
An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...
kernel: size_t-to-int conversion vulnerability in the filesystem layer
An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...
kernel: size_t-to-int conversion vulnerability in the filesystem layer
An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...
kernel: size_t-to-int conversion vulnerability in the filesystem layer
An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...
kernel: size_t-to-int conversion vulnerability in the filesystem layer
An out-of-bounds write flaw was found in the Linux kernel's seqfile in the Filesystem layer. This flaw allows a local attacker with a user privilege to gain access to out-of-bound memory, leading to a system crash, leak of internal kernel information and can escalate privileges. The issue results...
PT-2021-1515
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 3.16 through 5.13.x before 5.13.4 Description: The issue is related to an integer overflow and out-of-bounds write in the Linux kernel's filesystem layer, specifically in the fs/seq file.c component. This can be exploite...
PT-2009-3785 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.29.1 Description: The issue is related to the "udp seq file infrastructure" in the Linux kernel. It allows local users to cause a denial of service panic by reading zero bytes from the /proc/net/udp file and...