47 matches found
CVE-2026-46101
In the Linux kernel, the following vulnerability has been resolved: netfilter: reject zero shift in nft_bitwise. Reject zero shift operands for nft_bitwise left and right shift expressions during initialization. The carry propagation logic computes the carry from the adjacent 32-bit word using...
CVE-2026-34549
iccDEV contains an Undefined Behavior in IccUtil.cpp caused by invalid left shift on icUInt32Number when processing a crafted ICC profile. Affects versions prior to 2.3.1.6; the issue is fixed in 2.3.1.6. Public references indicate the UB is reported under UndefinedBehaviorSanitizer. There is no ...
EUVD-2026-17714
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to version 2.3.1.6, there is an Undefined Behavior (UB) condition in IccUtil.cpp triggered by a crafted input profile. Under UndefinedBehaviorSanitizer, the issue is reported as invalid left shift...
Incorrect Bitwise Shift of Integer
Overview: Affected versions of this package are vulnerable to Incorrect Bitwise Shift of Integer in the zisofs decompression process due to improper validation of the pz_log2_bs field from ISO9660 Rock Ridge extensions. An attacker can cause application crashes and service disruption by supplying a...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount() to prevent crashes. Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...
EUVD-2022-54679
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: validate BOOT sectors_per_clusters. When the NTFS BOOT sectors_per_clusters field is > 0x80, it represents a shift value. Make sure that the shift value is not too large before using it (NTFS max cluster size is 2MB). Return...
EUVD-2021-7729
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2016-9825
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libswscale/utils.c in libav 11.8 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value. (CVE-2016-9825)...
Linux Distros Unpatched Vulnerability : CVE-2017-5500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libjasper/jpc/jpc_dec.c in JasPer 1.900.17 allows remote attackers to cause a denial of service (crash) via vectors involving left shift of a negative value...
AZL-66389 CVE-2025-38530 affecting package kernel for versions less than 6.6.104.2-1
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: `if ((1 << it->options[1]) & board->irq_bits)`. However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount...
DEBIAN-CVE-2025-38530
In the Linux kernel, the following vulnerability has been resolved: comedi: pcl812: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: `if ((1 << it->options[1]) & board->irq_bits)`. However, `it->options[i]` is an unchecked `int` value from userspace, so the shift amount...
DEBIAN-CVE-2025-38483
In the Linux kernel, the following vulnerability has been resolved: comedi: das16m1: Fix bit shift out of bounds. When checking for a supported IRQ number, the following test is used: `/* only irqs 2, 3, 4, 5, 6, 7, 10, 11, 12, 14, and 15 are valid */ if ((1 << it->options[1]) & 0xdcfc)`. However, `it->options[i]` is an...
PT-2025-33573
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel’s comedi subsystem, specifically within the pcl812 driver. An unchecked integer value, `it->options[1]`, received from userspace, can lead to a bit shift...
UBUNTU-CVE-2025-38230
In the Linux kernel, the following vulnerability has been resolved: jfs: validate AG parameters in dbMount() to prevent crashes. Validate db_agheight, db_agwidth, and db_agstart in dbMount to catch corrupted metadata early and avoid undefined behavior in dbAllocAG. Limits are derived from L2LPERCTL,...
Vulnerability of the its_vpe_irq_domain_alloc() function in the drivers/irqchip/irq-gic-v3-its.c module – This driver for Linux’s IRQ chips allows a hacker to gain access to protected information.
Vulnerability of the its_vpe_irq_domain_alloc() function in the drivers/irqchip/irq-gic-v3-its.c module – The Linux kernel’s IRQ chip support driver is vulnerable to a single-shift error. Exploiting this vulnerability could allow an attacker to access protected information...
Vulnerability of the tcpm_pd_set() function in the drivers/usb/typec/tcpm/tcpm.c module – The driver for handling Type-C controller devices in Linux kernel, which allows a hacker to cause service failure.
Vulnerability of the tcpm_pd_set() function in the drivers/usb/typec/tcpm/tcpm.c module – The driver that supports the Type-C controller interface in Linux kernel is vulnerable to a single-shift error. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the mm/mremap.c module in the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the mm/mremap.c module in the Linux operating system is related to a single-shift error. Exploiting this vulnerability can allow an attacker to cause a service failure...
Vulnerability of the `hdcp_cmd_is_read{}` structure in the drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c file – This is a driver for supporting Direct Rendering Infrastructure (DRI) in AMD graphics cards for Linux operating systems. It allows a hacker to trigger a service failure.
Vulnerability of the `hdcp_cmd_is_read{}` structure in the drivers/gpu/drm/amd/display/dc/hdcp/hdcp_msg.c module – Drivers for AMD graphics cards supporting Direct Rendering Infrastructure (DRI) in Linux operating systems are vulnerable to a single-shift error. Exploiting this vulnerability can allow...
The vulnerability in the structure of const nla_policy nl80211_policy{} in the net/wireless/nl80211.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the const nla_policy nl80211_policy{} structure in the net/wireless/nl80211.c module of the Linux kernel is related to a single-shift error. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the remote access and replication server of Synology Replication Service, as well as the corporate-level server of Synology Unified Controller for operating systems such as Synology DiskStation Manager (DSM), is related to a single-shift error. This vulnerability allows attackers to execute arbitrary code or trigger a service failure.
The vulnerability of the remote access and replication server of Synology Replication Service, as well as the corporate-level servers of Synology Unified Controller and Synology DiskStation Manager (DSM), is related to a single-shift error. Exploiting this vulnerability could allow an attacker to...