12 matches found
CVE-2026-12221
Yealink SIP-T46U (version 108.86.0.118) is affected by a stack-based buffer overflow in the Firmware Chunk Upload Handler, caused by a faulty sprintf in /api/upgrade/upgrade when manipulating uid/start_offset. Exploitation requires local-network access; the exploit is publicly available. No remed...
CLSA-2026-1779203444 gnutls: Fix of CVE-2026-33845
CVE-2026-33845: fix integer underflow and remote heap overrun in DTLS handshake reassembly by tracking startoffset and fraglength instead of an inclusive startoffset, endoffset range...
OESA-2024-2599 dpdk security update
The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...
SUSE CVE-2024-49873
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...
DEBIAN-CVE-2024-49873
In the Linux kernel, the following vulnerability has been resolved: mm/filemap: fix filemapgetfolioscontig THP panic Patch series "memfd-pin huge page fixes". Fix multiple bugs that occur when using memfdpinfolios with hugetlb pages and THP. The hugetlb bugs only bite when the page is not yet...
binfmt_flat: Fix corruption when not offsetting data start
...
SUSE CVE-2024-44966
In the Linux kernel, the following vulnerability has been resolved: binfmtflat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmtflat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...
DEBIAN-CVE-2024-44966
In the Linux kernel, the following vulnerability has been resolved: binfmtflat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmtflat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...
UBUNTU-CVE-2024-44966
In the Linux kernel, the following vulnerability has been resolved: binfmtflat: Fix corruption when not offsetting data start Commit 04d82a6d0881 "binfmtflat: allow not offsetting data start" introduced a RISC-V specific variant of the FLAT format which does not allocate any space for the obsolet...
SUSE CVE-2024-43897
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csumstart and offset in virtionethdr Tighten csumstart and csumoffset checks in virtionethdrtoskb for GSO packets. The function already checks that a checksum requested with VIRTIONETHDRFNEEDSCSUM is in skb...
DEBIAN-CVE-2024-43897
In the Linux kernel, the following vulnerability has been resolved: net: drop bad gso csumstart and offset in virtionethdr Tighten csumstart and csumoffset checks in virtionethdrtoskb for GSO packets. The function already checks that a checksum requested with VIRTIONETHDRFNEEDSCSUM is in skb...
SUSE CVE-2015-6783
The FindStartOffsetOfFileInZipFile function in crazylinkerzip.cpp in crazylinker aka Crazy Linker in Android 5.x and 6.x, as used in Google Chrome before 47.0.2526.73, improperly searches for an EOCD record, which allows attackers to bypass a signature-validation requirement via a crafted ZIP...