CVE-2025-12875

CVE-2025-12875 affects mruby 3.4.0, specifically the ary_fill_exec path in mrbgems/mruby-array-ext/src/array.c. The root cause is a manipulation of argument start/length that can trigger an out-of-bounds write, with a local attack vector and public exploits available. A patch is recorded as commi...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: block: fixed an overflow in blkioctldiscard. There is no check for an overflow of ‘start + len’ in blkioctldiscard. A hung task may occur if a discard ioctl is submitted with the following parameters: start = 0x80000000000ff000,...

PYSEC-2024-149

Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice function uses a non-literal argument for the start ...

UBUNTU-CVE-2014-9780

drivers/video/msm/mdss/mdp3ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28602014 and Qualcomm internal bug...