147 matches found
CVE-2022-50778
Summary: CVE-2022-50778 affects the Linux kernel and is addressed by the change "fortify: Fix __compiletime_strlen() under UBSAN_BOUNDS_LOCAL". Under CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y, a runtime panic can occur due to a strlen() in hidinput_allocate(), caused by __compiletime_strlen() using __...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that __compiletime_strlen may return the maximum possible size under UBSAN_BOUNDS_LOCAL, which could lea...
Linux Distros Unpatched Vulnerability : CVE-2022-50778
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fortify: Fix __compiletime_strlen under UBSAN_BOUNDS_LOCAL. With CONFIG_FORTIFY=y and CONFIG_UBSAN_LOCAL_BOUNDS=y enabled, we observe a runtime panic while running...
SUSE-SU-2025:3716-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-49980: USB: gadget: fix use-after-free read in usb_udc_uevent() (bsc#1245110). - CVE-2022-50233: Bluetooth: eir: Fix using strlen with hdev->{dev_name,short_name}...
SUSE SLES12 Security Update : kernel (SUSE-SU-2025:03614-1)
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03614-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...
EUVD-2011-2326
Malware in sbrugna...
EUVD-2022-33447
Malicious code in bioql PyPI...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect use of the strlen function, which could lead to string handling errors...
Linux Distros Unpatched Vulnerability : CVE-2021-38202
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic...
CVE-2022-29017
Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x86_64/multiarch/strlen-avx2.S...
DEBIAN-CVE-2025-1147
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched...
UBUNTU-CVE-2025-1147
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched...
PT-2025-6044 · Gnu +1 · Gnu Binutils +1
Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.43. Description: A problem has been found in the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be...
DEBIAN-CVE-2024-56650
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check(). Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by task repro/5879 ... Call...
AZL-54738 CVE-2024-56650 affecting package kernel for versions less than 5.15.176.3-1
In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check(). Syzbot has reported the following BUG detected by KASAN: BUG: KASAN: slab-out-of-bounds in strlen+0x58/0x70 Read of size 1 at addr ffff8881022da0c8 by task repro/5879 ... Call...
UBUNTU-CVE-2024-50131
In the Linux kernel, the following vulnerability has been resolved: tracing: Consider the NULL character when validating the event length. strlen() returns a string length excluding the null byte. If the string length equals the maximum buffer length, the buffer will have no space for the NULL...
CVE-2024-50131
CVE-2024-50131 affects the Linux kernel tracing subsystem, where length validation for events didn’t account for the NULL terminator. strlen() reports length excluding the trailing null, so if the string length equals the maximum buffer, there is no room for the NULL terminator, allowing potentia...
CVE-2024-47688 driver core: Fix a potential null-ptr-deref in module_add_driver()
In the Linux kernel, the following vulnerability has been resolved: driver core: Fix a potential null-ptr-deref in module_add_driver(). Inject fault while probing of-fpga-region, if kasprintf() fails in module_add_driver(), the second sysfs_remove_link() in exit path will cause null-ptr-deref as below because...
kernel: firmware: cs_dsp: Use strnlen() on name fields in V1 wmfw files
A buffer overrun flaw exists in the Linux kernel when the strlen function is used on name fields in V1 wmfw files. This issue results in a loss of system availability...
GHSA-PFR9-2P92-QRHQ Databento Binary Encoding (DBN) has a heap buffer overflow using c_chars_to_str function
The heap-buffer-overflow is triggered in the strlen function when handling the c_chars_to_str function in the dbn crate. This vulnerability occurs because the CStr::from_ptr function in Rust assumes that the provided C string is null-terminated. However, there is no guarantee that the input chars arr...