88 matches found
EUVD-2018-18099
Malware in sbrugna...
SUSE CVE-2025-38445
In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool is allocated on the stack and assigned to conf->r1bio_pool. This results in conf->r1bio_pool.wait.head pointing to a stack address...
UBUNTU-CVE-2025-38027
In the Linux kernel, the following vulnerability has been resolved: regulator: max20086: fix invalid memory access max20086_parse_regulators_dt() calls of_regulator_match() using an array of struct of_regulator_match allocated on the stack for the matches argument. of_regulator_match() calls...
CVE-2025-38027
The CVE-2025-38027 entry describes a Linux kernel vulnerability in the regulator max20086 code path. The root cause is that max20086_parse_regulators_dt() uses an on-stack array of struct of_regulator_match for matches and then relies on devm_of_regulator_put_matches(), which allocates a devm_of_...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a stack allocation matching array, which could lead to invalid memory accesses...
CVE-2018-6339
When receiving calls using WhatsApp on Android, a stack allocation failed to properly account for the amount of data being passed in. An off-by-one error meant that data was written beyond the allocated space on the stack. This issue affects WhatsApp for Android starting in version 2.18.180 and w...
CLSA-2025-1744783252 php: Fix of CVE-2025-1861
CVE-2025-1861: move allocation of location from heap to stack, add error checking for location length...
DEBIAN-CVE-2024-46734
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between direct IO write and fsync when using same fd If we have 2 threads that are using the same file descriptor and one of them is doing direct IO writes while the other is doing fsync, we have a race where we c...
net/dpaa2: Avoid explicit cpumask var allocation on stack
...
UBUNTU-CVE-2024-42093
In the Linux kernel, the following vulnerability has been resolved: net/dpaa2: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code...
CVE-2024-42094 net/iucv: Avoid explicit cpumask var allocation on stack
In the Linux kernel, the following vulnerability has been resolved: net/iucv: Avoid explicit cpumask var allocation on stack For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask variable on stack is not recommended since it can cause potential stack overflow. Instead, kernel code...
CVE-2024-38578
In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format' description is missing the cipher code and checksum fields that are packed into the message packet. As a result, the buffer allocated for the packet is 3 byte...
CVE-2021-47465
A possible stack corruption flaw was found in the Linux kernel in idle_kvm_start_guest(). This issue may lead to compromised availability...
CVE-2021-47465 KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest()
In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fix stack handling in idle_kvm_start_guest() In commit 10d91611f426 ("powerpc/64s: Reimplement book3s idle code in C") kvm_start_guest() became idle_kvm_start_guest(). The old code allocated a stack frame on the emergency...
DEBIAN-CVE-2021-47089
In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 size 248: comm "cat", pid 23327, jiffies 4624670141 age 495992.217s hex dump first 32 bytes: 00 40 85 ...
CVE-2023-6693
A stack based buffer overflow was found in the virtio-net device of QEMU. This issue occurs when flushing TX in the virtio_net_flush_tx function if guest features VIRTIO_NET_F_HASH_REPORT, VIRTIO_F_VERSION_1 and VIRTIO_NET_F_MRG_RXBUF are enabled. This could allow a malicious user to overwrite local variables...
CVE-2023-43632 Freely Allocate Buffer on The Stack With Data From Socket
As noted in the “VTPM.md” file in the eve documentation, “VTPM is a server listening on port 8877 in EVE, exposing limited functionality of the TPM to the clients. VTPM allows clients to execute tpm2-tools binaries from a list of hardcoded options”. The communication with this server is done using...
CVE-2021-45423
A Buffer Overflow vulnerability exists in Pev 0.81 via the pe_exports function from exports.c. The array offsets_to_Names is dynamically allocated on the stack using exp->NumberOfFunctions as its size. However, the loop uses exp->NumberOfNames to iterate over it and set its components value. Therefore...
SUSE CVE-2014-9630
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified...