387 matches found
CVE-2025-23022
Removed by vendor...
PT-2025-4770 · Freetype +1
Name of the Vulnerable Software and Affected Versions: FreeType version 2.8.1. Description: The issue is a signed integer overflow in the cf2_doFlex function, located in cff/cf2intrp.c. This overflow can occur during flex processing. Recommendations: For FreeType version 2.8.1, consider applying a...
CVE-2025-23022
FreeType 2.8.1 has a signed integer overflow in cf2_doFlex in cff/cf2intrp.c...
CVE-2024-56614 xsk: fix OOB map writes when deleting elements
In the Linux kernel, the following vulnerability has been resolved: xsk: fix OOB map writes when deleting elements. Jordy says: "In the xsk_map_delete_elem function an unsigned integer (map->max_entries) is compared with a user-controlled signed integer (k). Due to implicit type conversion, a large unsign...
Fedora 40 : php (2024-2b429e720e)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2b429e720e advisory. PHP version 8.3.12 (26 Sep 2024). CGI: Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). CVE-2024-8926 nielsdos...
OESA-2024-2157 libsndfile security update
Libsndfile is a C library for reading and writing files containing sampled sound (such as MS Windows WAV and the Apple/SGI AIFF format) through one standard library interface. Security Fixes: Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and...
CVE-2024-42136
In the Linux kernel, the following vulnerability has been resolved: cdrom: rearrange last_media_change check to avoid unintentional overflow. When running syzkaller with the newly reintroduced signed integer wrap sanitizer we encounter this splat: [ 366.015950] UBSAN: signed-integer-overflow in...
CVE-2024-42136 cdrom: rearrange last_media_change check to avoid unintentional overflow
In the Linux kernel, the following vulnerability has been resolved: cdrom: rearrange last_media_change check to avoid unintentional overflow. When running syzkaller with the newly reintroduced signed integer wrap sanitizer we encounter this splat: [ 366.015950] UBSAN: signed-integer-overflow in...
CVE-2024-42136
CVE-2024-42136 affects the Linux kernel cdrom subsystem. The issue stems from an arithmetic path in last_media_change that could trigger a signed integer overflow under UBSAN when running syzkaller; the issue is resolved by rearranging the check to avoid any arithmetic, preventing the overflow. T...
CVE-2024-41000
In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check. Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692] cgroup: Invalid name [ 62.986211...
CVE-2024-41000
CVE-2024-41000: Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...
CVE-2024-41000 block/ioctl: prefer different overflow check
In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check. Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: [ 62.982337] ------------[ cut here ]------------ [ 62.985692] cgroup: Invalid name [ 62.986211...
CVE-2023-52832
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power(). We can get a UBSAN warning if ieee80211_get_tx_power() returns the INT_MIN value mac80211 internally uses for "unset power level". UBSAN: signed-integer-overflow in...
DEBIAN-CVE-2024-35905
In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size. This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...
GHSA-PPX5-Q359-PVWJ vyper's range(start, start + N) reverts for negative numbers
Summary: When looping over a range of the form range(start, start + N), if start is negative, the execution will always revert. Details: This issue is caused by an incorrect assertion inserted by the code generation of the range stmt.parseForrange:...
CVE-2024-32481 vyper's range(start, start + N) reverts for negative numbers
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form range(start, start + N), if start is negative, the execution will always revert. This issue is caused by an incorrect assertion...