Azure Linux 3.0 Security Update: kernel (CVE-2025-37767)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37767 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The...

DEBIAN-CVE-2025-39793

In the Linux kernel, the following vulnerability has been resolved: iouring/memmap: cast nrpages to sizet before shifting If the allocated size exceeds UINTMAX, then it's necessary to cast the mr-nrpages value to sizet to prevent it from overflowing. In practice this isn't much of a concern as th...

CVE-2024-50614

TinyXML2 through 10.0.0 has a reachable assertion for UINTMAX/16, that may lead to application exit, in tinyxml2.cpp XMLUtil::GetCharacterRef...

CVE-2024-50614

CVE-2024-50614 affects TinyXML-2 (up to 10.0.0). The issue is a reachable assertion in tinyxml2.cpp XMLUtil::GetCharacterRef for UINT_MAX/16 that may cause the application to exit. The OSV entries and Fedora advisories indicate a security update extending TinyXML-2 to 11.0.0 to fix this and relat...

CVE-2024-50615

Summary: CVE-2024-50615 affects TinyXML-2 up to and including 10.0.0, with a reachable assertion in XMLUtil::GetCharacterRef that may cause an application exit. The connected OSV entries document multiple security updates for tinyxml2 across platforms and note the same root cause (UINT_MAX/digit)...

CVE-2024-45492

A flaw was found in libexpat's internal nextScaffoldPart function in xmlparse.c. It can have an integer overflow for mgroupSize on 32-bit platforms where UINTMAX equals SIZEMAX. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

CVE-2024-45491

An issue was found in libexpat’s internal dtdCopy function in xmlparse.c, It can have an integer overflow for nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat...

Python Multiple Vulnerabilities (Mar 2024) - Mac OS X

Python is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...

Linux Kernel RDS实现rds_cmsg_rdma_args()函数本地整数溢出漏洞

BUGTRAQ ID: 44921 Linux Kernel是开放源码操作系统Linux所使用的内核。 Linux Kernel的rdscmsgrdmaargs函数中用户所提供的args-nrlocal值被限制到小于UINTMAX。这个限制并不严格，因为在计算总的iovsize时可能可能会溢出，导致分配过小的sockkmalloc。 本地用户可以通过以很大的计数值调用rdsrdmapages导致崩溃。如果没有出现崩溃，则之后还会出现内存破坏。 Linux kernel 2.6.x 厂商补丁： Linux ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...