742 matches found
CVE-2025-37821 sched/eevdf: Fix se->slice being set to U64_MAX and resulting crash
In the Linux kernel, the following vulnerability has been resolved: sched/eevdf: Fix se-slice being set to U64MAX and resulting crash There is a code path in dequeueentities that can set the slice of a schedentity to U64MAX, which sometimes results in a crash. The offending case is when...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly set scheduler slice, which could cause the kernel to crash...
GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of H265 sli...
PT-2025-39403
Name of the Vulnerable Software and Affected Versions pytorch version 2.8.0 Description An issue in the torch.linalg.lu component allows attackers to cause a Denial of Service DoS when performing a slice operation. Recommendations At the moment, there is no information about a newer version that...
SUSE CVE-2025-22001
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaicvalidatereq These are u64 variables that come from the user via qaicattachsliceboioctl. Use checkaddoverflow to ensure that the math doesn't have an integer wrapping bug...
AZL-59870 CVE-2025-22001 affecting package kernel for versions less than 6.6.85.1-2
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaicvalidatereq These are u64 variables that come from the user via qaicattachsliceboioctl. Use checkaddoverflow to ensure that the math doesn't have an integer wrapping bug...
UBUNTU-CVE-2025-22001
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaicvalidatereq These are u64 variables that come from the user via qaicattachsliceboioctl. Use checkaddoverflow to ensure that the math doesn't have an integer wrapping bug...
CVE-2025-22001 accel/qaic: Fix integer overflow in qaic_validate_req()
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix integer overflow in qaicvalidatereq These are u64 variables that come from the user via qaicattachsliceboioctl. Use checkaddoverflow to ensure that the math doesn't have an integer wrapping bug...
GHSA-GV7F-5QQH-VXFX xous has unsound usages of `core::slice::from_raw_parts`
We consider asslice and asslicemut unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated fromparts. We consider that fromparts should be removed in latest version because it will help trigger...
xous has unsound usages of `core::slice::from_raw_parts`
We consider asslice and asslicemut unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated fromparts. We consider that fromparts should be removed in latest version because it will help trigger...
RUSTSEC-2024-0431 Unsound usages of `core::slice::from_raw_parts`
We consider asslice and asslicemut unsound because: the pointer with any bit patterns could be cast to the slice of arbitrary types. The pointer could be created by unsafe new and deprecated fromparts. We consider that fromparts should be removed in latest version because it will help trigger...
GHSA-F95P-4CV5-8W8X linkme fails to ensure slice elements match the slice's declared type
Affected versions allow populating a DistributedSlice of T with elements of an arbitrary other type that coerces to T. For example, elements of type &&str could end up in a slice of type &str, since &&str coerces to &str via a deref coercion. The flaw was corrected by implementing typechecking fo...
linkme fails to ensure slice elements match the slice's declared type
Affected versions allow populating a DistributedSlice of T with elements of an arbitrary other type that coerces to T. For example, elements of type &&str could end up in a slice of type &str, since &&str coerces to &str via a deref coercion. The flaw was corrected by implementing typechecking fo...
CVE-2018-9423
In ihevcdparsesliceheader of ihevcdparsesliceheader.c there is a possible out of bound read due to missing bounds check. This could lead to denial of service with no additional execution privileges needed. User interaction is needed for exploitation...
Google Android 安全漏洞
Google Android is a Linux-based open source operating system from Google. A denial of service vulnerability exists in Google Android, which stems from a lack of bounds checking in the ihevcdparseslicedata function in the ihevcdparseslice.c file, which can be exploited by an attacker to cause a...
In x/text in Go before v0.3.5 a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
...
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...
Important: Red Hat Security Advisory: container-tools:rhel8 security update
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...
gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization
A flaw was found in the gorilla/schema package. Running schema.Decoder.Decode on a struct that has a field of type struct... opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of schema.Decoder.Decode on a struct with arrays ...