24 matches found
JLSEC-2026-497 Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds...
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
SUSE CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
CVE-2026-41990 affects Libgcrypt prior to 1.12.2, where Dilithium signing mishandles a static array write that lacks a bounds check. The issue does not use attacker-controlled data. CVSSv3.1 base metrics indicate a Medium risk (4.0) with LOCAL attack vector, HIGH complexity, NONE privileges, and ...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-41990
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
PT-2026-34641
Name of the Vulnerable Software and Affected Versions Libgcrypt versions prior to 1.12.2 Description Libgcrypt mishandles Dilithium signing. Specifically, writes to a static array lack a bounds check, although these writes do not use attacker-controlled data. Recommendations Update to version...
CVE-2022-33229
Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets...
EUVD-2016-9289
Malware in sbrugna...
EUVD-2022-36272
Malicious code in bioql PyPI...
EUVD-2025-22594
Malicious code in bioql PyPI...
CVE-2023-53400
In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As a workaround, extend for t...
SUSE CVE-2025-38407
In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...
CVE-2025-38407 riscv: cpu_ops_sbi: Use static array for boot_data
In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...
CVE-2025-38407
CVE-2025-38407 (Linux kernel, RISC‑V) is addressed by replacing the dynamic percpu boot data area with a statically allocated array in the kernel image to fix boot on NUMA SMP configurations. The root cause was that, when percpu page allocation happens early with NUMA, percpu data could be placed...
CVE-2025-38407
In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...
CVE-2025-38407 riscv: cpu_ops_sbi: Use static array for boot_data
In the Linux kernel, the following vulnerability has been resolved: riscv: cpuopssbi: Use static array for bootdata Since commit 6b9f29b81b15 "riscv: Enable pcpu page first chunk allocator", if NUMA is enabled, the page percpu allocator may be used on very sparse configurations, or when requested...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a stack overflow issue caused by static array allocation in the kfdgetcuoccupancy function in the drm/amdkfd...
Spoofing
In the Linux kernel, the following vulnerability has been resolved: ASoC: q6afe-clocks: fix reprobing of the driver Q6afe-clocks driver can get reprobed. For example if the APR services are restarted after the firmware crash. However currently Q6afe-clocks driver will oops because hw.init will ge...