21 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fixed an issue involving an untrusted unsigned subtraction operation. The following warnings from the “SMatch static checker” have also been fixed: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket Warning: Untrusted unsigned...
CVE-2026-24889
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...
EUVD-2026-4848
soroban-sdk is a Rust SDK for Soroban contracts. Arithmetic overflow can be triggered in the Bytes::slice, Vec::slice, and Prng::genrange for u64 methods in the soroban-sdk in versions up to and including 25.0.1, 23.5.1, and 25.0.2. Contracts that pass user-controlled or computed range bounds to...
CVE-2021-41612
An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...
CVE-2023-54086
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
CVE-2023-54086
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
UBUNTU-CVE-2023-54086
In the Linux kernel, the following vulnerability has been resolved: bpf: Add preemptcountsub,add into btf id deny list The recursion check in bpfprogenter and bpfprogexit leave preemptcountsub,add unprotected. When attaching trampoline to them we get panic as follows, 867.843050 BUG: TASK stack...
EUVD-2025-33336
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix untrusted unsigned subtract Fix the following Smatch static checker warning: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket warn: untrusted unsigned subtract. 'ticketlen - 10 4' by prechecking the length of what we're tryi...
CVE-2025-39962 rxrpc: Fix untrusted unsigned subtract
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix untrusted unsigned subtract Fix the following Smatch static checker warning: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket warn: untrusted unsigned subtract. 'ticketlen - 10 4' by prechecking the length of what we're tryi...
CVE-2025-39962
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix untrusted unsigned subtract Fix the following Smatch static checker warning: net/rxrpc/rxgkapp.c:65 rxgkyfsdecodeticket warn: untrusted unsigned subtract. 'ticketlen - 10 4' by prechecking the length of what we're tryi...
CVE-2025-39962
The CVE-2025-39962 entry concerns the Linux kernel RXRPC path. A bug in rxgk_app.c involved an untrusted unsigned subtract (ticket_len - 10 * 4) that could affect token parsing. The fix prechecks token lengths in two places and uses sizeof() for the extracted struct. This CVE is marked as resolve...
PT-2025-41376
Name of the Vulnerable Software and Affected Versions Linux Kernel affected versions not specified Description The Linux kernel contains a flaw related to an untrusted unsigned subtract operation within the rxrpc subsystem. Specifically, a Smatch static checker warning was identified in the rxgk...
EUVD-2021-27683
Malicious code in bioql PyPI...
EUVD-2021-28626
Malicious code in bioql PyPI...
CVE-2021-40507
An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may...
CVE-2021-41612
An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...
CVE-2021-40507
An issue was discovered in the ALU unit of the OR1200 aka OpenRISC 1200 processor 2011-09-10 through 2015-11-11. The overflow flag is not being updated correctly for the subtract instruction, which results in an incorrect value in the overflow flag. Any software that relies on this flag may...
PT-2023-12377 · Unknown · Openrisc Mor1Kx
Name of the Vulnerable Software and Affected Versions: OpenRISC mor1kx processor affected versions not specified Description: An issue was discovered in the ALU unit of the OpenRISC mor1kx processor, where the carry flag is not being updated correctly for the subtract instruction. This results in...
CVE-2021-41612
An issue was discovered in the ALU unit of the OpenRISC mor1kx processor. The carry flag is not being updated correctly for the subtract instruction, which results in an incorrect value of the carry flag. Any software that relies on this flag may experience corruption in execution...
PT-2023-12364 · Openrisc · Or1200
Name of the Vulnerable Software and Affected Versions: OR1200 aka OpenRISC 1200 processor versions 2011-09-10 through 2015-11-11 Description: An issue in the ALU unit of the processor causes the overflow flag not to be updated correctly for the subtract instruction, resulting in an incorrect valu...