18 matches found
luksmeta: Data corruption when handling LUKS1 partitions with luksmeta
A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...
SUSE-SU-2026:21052-1 Security update for the Linux Kernel RT (Live Patch 14 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-38.1 fixes various security issues. The following security issues were fixed: - CVE-2025-40159: xsk: Harden userspace-supplied xdp_desc validation (bsc#1253404). - CVE-2025-71120: SUNRPC: svcauth_gss: avoid NULL deref on zero length gss_token in...
CVE-2026-4407
The CVE-2026-4407 issue affects Xpdf 4.06 and earlier, caused by an out-of-bounds array write stemming from incorrect validation of the “N” field in ICCBased color spaces. The vulnerability is rooted in input validation for ICCBased color space handling, leading to potential memory access issues....
CVE-2026-4407
Out-of-bounds array write in Xpdf 4.06 and earlier, due to incorrect validation of the "N" field in ICCBased color spaces...
CVE-2025-11568
CVE-2025-11568 affects the luksmeta utility when used with the LUKS1 partition format. The vulnerability allows a user with necessary permissions to write excessive metadata, and due to improper validation of available space, this metadata can overwrite and corrupt the encrypted data, potentially...
Red Hat Enterprise Linux 10 security vulnerability
Red Hat Enterprise Linux 10 is a suite of Linux operating systems for business users from Red Hat, an American company. A security vulnerability exists in Red Hat Enterprise Linux 10 that stems from not properly validating free space, which could result in user encrypted data being overwritten an...
EUVD-2010-3882
Malware in sbrugna...
EUVD-2016-1675
Malware in sbrugna...
EUVD-2024-43565
Malicious code in bioql PyPI...
CVE-2025-38366
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "num_cpu" from user space. The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS about irqchip EIOINTC, here add validation about cpu number to avoid array pointer overflow...
CVE-2025-38067 rseq: Fix segfault on registration when rseq_cs is non-zero
In the Linux kernel, the following vulnerability has been resolved: rseq: Fix segfault on registration when rseq_cs is non-zero. The rseq_cs field is documented as being set to 0 by user-space prior to registration, however this is not currently enforced by the kernel. This can result in a segfault ...
FreeBSD security vulnerability
FreeBSD is a set of Unix-like operating systems from the FreeBSD Foundation. A security vulnerability exists in FreeBSD that stems from the ctl_report_supported_opcodes function not adequately validating user-space-supplied fields, allowing arbitrary writes to a limited amount of kernel helper memor...
Vim < 9.1.0697 Heap Buffer Overflow
The version of Vim installed on the remote host is prior to 9.1.0697. It is, therefore, affected by a heap buffer overflow vulnerability. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but does not check whether there is enough space left in the buffer ...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a lack of validation of the space occupied by the xlog_op_header fixed member in xlog_recover_process_data...
PT-2025-26006 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.19.0. Description: The issue arises from an integer overflow in the register_shm_helper function when calculating the number of pages covered by a user-supplied memory region. This causes a NULL pointer...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.13 bug fix and security update
Red Hat OpenShift Container Platform release 4.6.13 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of...
CVE-2019-10506
While processing the QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, the driver does not validate the data obtained from user space, which could be invalid and thus lead to undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago...
Android operating system vulnerability that allows an attacker to escalate privileges
A vulnerability in the mdss mdp3 driver component of Qualcomm's Android operating system stems from a lack of validation of data supplied from user space. Exploiting this vulnerability allows a malicious actor to escalate their privileges through a specially crafted application...