24 matches found
kernel: mm/compaction: fix UBSAN shift-out-of-bounds warning
A flaw was found in the memory management subsystem in the Linux kernel. An integer overflow in a shift operation can cause unexpected behavior in memory management, resulting in system instability and a denial of service...
CVE-2021-41272
Besu is an Ethereum client written in Java. Starting in version 21.10.0, changes in the implementation of the SHL, SHR, and SAR operations resulted in the introduction of a signed type coercion error in values that represent negative values for 32 bit signed integers. Smart contracts that ask for...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a shift operation in which the number of shift bits equals the number of operand bits, which could lead to...
CVE-2022-49907
In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix undefined behavior in bit shift for mdiobusregister Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds ...
CVE-2022-49907
CVE-2022-49907 is a Linux kernel issue in net: mdio related to undefined behavior from shifting a signed 32-bit value by 31 bits in __mdiobus_register. The root cause is an out-of-bounds bit shift in mdiobus initialization; the code was changed to use an unsigned type to avoid UB. A UBSAN warning...
PT-2025-18624 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns undefined behavior in the bit shift operation for mdiobus register in the Linux kernel's MDIO driver. Specifically, shifting a signed 32-bit value by 31 bits is...
UBUNTU-CVE-2022-49748
In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integer constant 1 is evaluated using 32 bit arithmetic and then passed as a 64 bit function argument. In the case where i is 32 or more...
SUSE CVE-2025-21724
In the Linux kernel, the following vulnerability has been resolved: iommufd/iovabitmap: Fix shift-out-of-bounds in iovabitmapoffsettoindex Resolve a UBSAN shift-out-of-bounds issue in iovabitmapoffsettoindex where shifting the constant "1" of type int by bitmap-mapped.pgshift an unsigned long val...
CVE-2024-26851
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
CVE-2024-26851 netfilter: nf_conntrack_h323: Add protection for bmp length out of range
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: Add protection for bmp length out of range UBSAN load reports an exception of BRK5515 SHIFTISSUE:Bitwise shifts that are out of bounds for their data type. vmlinux getbitmapb=75 + 712 vmlinux...
Integer Underflow
GTKWave 3.3.115 is vulnerable to an Integer Underflow. The vulnerability is caused due to a defect in the LXT2 lxt2rditerradix shift operation functionality when performing the left shift operation. A specially crafted .lxt2 file can lead to memory corruption when the victim opens the file...
CVE-2023-39414
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
CVE-2023-39413
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
CVE-2023-39414
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
Integer overflow
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
CVE-2023-39414
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
CVE-2023-39414
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
CVE-2023-39414
Multiple integer underflow vulnerabilities exist in the LXT2 lxt2rditerradix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns th...
LinearBondingCurve.log2 function contains an incorrect shift operation that could lead to wrong calculation.
Lines of code Vulnerability details Impact The values in the shift operation are reversed. The provided inline assembly code for the log2 function appears to be an issue in the sequence of shift operations. Let's break down the relevant part of the code: r := or r, byte and0x1f, shrshrr, x,...