230 matches found
EUVD-2026-39883
In the Linux kernel, the following vulnerability has been resolved: armmpam: Check whether the config array is allocated before destroying it destroycomponentcfg is called to free the configuration array. It uses the embedded 'garbage' structure, which means the array has to be allocated. If...
EUVD-2026-32983
Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmallocd, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption of slab metadata an...
Canonical Ubuntu Linux 安全漏洞
Canonical Ubuntu Linux is a Linux operating system developed by the British company Canonical. The Canonical Ubuntu Linux 6.8, 6.17, and 7.0 versions contain security vulnerabilities. These vulnerabilities stem from incorrect attempts to release pointers that were not allocated using kmalloc, whi...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4 module’s inability to write to unallocated regions, potentially leading to issues with...
Astra Linux – Vulnerability in ntfs-3g
A properly crafted NTFS image with an unallocated bitmap can lead to an endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...
Astra Linux – Vulnerability in netcdf
A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmlcharcontent attempts to use realloc on a block that has not been allocated, resulting in an invalid free operation and a segmentation fault...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fixed the kernel panic by avoiding access to unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant code has not been completely removed since the commit 16d98b548365 “mt76: mt7921:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Unallocated resources are no longer allowed to be returned. In cases where the topology requests resources that have not been created by the system since they are typically not represented in dpumdsscfg, the resource...
Astra Linux – Vulnerability in Firefox, NSS
When the memory resources are nearly exhausted, an elliptic curve key that was never allocated can be reclaimed. This vulnerability affects Firefox 128 and Thunderbird 128...
CVE-2026-31443
A flaw was found in the Linux kernel's dmaengine: idxd driver. When hardware does not support event logging and an error triggers a Function Level Reset FLR, the driver attempts to restore or free an event log that was never allocated. This improper handling can lead to a system crash, resulting ...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of dmaengine idxd when event logging is disabled. This could lead to attempts to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013692)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013692 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology request...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011106)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011106 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Disallow unallocated resources to be returned In the event that the topology request...
Byte-Level Generative Predictions for Forensics Multimedia Carving
Digital forensic investigations often face significant challenges when recovering fragmented multimedia files that lack file system metadata. While traditional file carving relies on signatures and discriminative deep learning models for fragment classification, these methods cannot reconstruct o...
NanoMQ 安全漏洞
NanoMQ is an open-source IoT edge platform broker developed by EMQ in the United States. There is a security vulnerability in NanoMQ, which stems from the use of the hookworkcb function to parse message bodies using cJSONParse. This leads to out-of-bounds read access to unallocated memory...
SUSE SLES15 Security Update : libjxl (SUSE-SU-2026:0648-1)
The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0648-1 advisory. - CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory bsc1258090. -...
Security update for libjxl
This update for libjxl fixes the following issues: CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory bsc1258090. CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to uninitialized unallocated memor...
SUSE-SU-2026:0648-1 Security update for libjxl
This update for libjxl fixes the following issues: - CVE-2025-12474: a specially crafted file can cause the decoder to read pixel data from uninitialized allocated memory bsc1258090. - CVE-2026-1837: a specially crafted file can cause the decoder to write pixel data to uninitialized unallocated...
CVE-2018-2209
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none...
MiracleLinux 4 : qemu-kvm-0.12.1.2-2.415.AXS4.14 (AXSA:2014-502:05)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-502:05 advisory. Description : KVM for Kernel-based Virtual Machine is a full virtualization solution for Linux on x86 hardware. Using KVM, one can run multiple virtu...