2549 matches found
Unsound transmute while debug/display printing batch Insert statements in Diesel's SQLite backend
Diesel allows users to output the generated SQL for any query DSL construct via th diesel::debugquery function as Display and Debug output. For the particular implementation used by batch Insert statements in the SQLite backend Diesel relied on an unspecified transmute between types with a reprru...
PT-2026-37174
Name of the Vulnerable Software and Affected Versions Grid versions 0.17.0 through 1.0.0 Description An integer overflow in the expand rows function can corrupt the relationship between the grid's logical dimensions and its backing storage. This occurs because the function computes the new backin...
bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
...
Reliance on Undefined, Unspecified, or Implementation-Defined Behavior
Overview Affected versions of this package are vulnerable to Reliance on Undefined, Unspecified, or Implementation-Defined Behavior via the decodesigned32 function in src/bacnet/bacint.c that reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four...
CVE-2026-31525
CVE-2026-31525 concerns the Linux kernel BPF interpreter’s signed 32-bit division/modulo (sdiv32/smod32). The issue arises from using abs() on s32 operands, which is undefined for S32_MIN, causing incorrect results that can mismatch verifier behavior and enable out-of-bounds map access. A fix int...
CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013481)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013481 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013741)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013741 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a netlink policy scope check in ctnetlink. This vulnerability may lead to undefined behavio...
Linux Distros Unpatched Vulnerability : CVE-2026-31525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32...
CVE-2026-40279
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
CVE-2026-40279 BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()`
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
EUVD-2026-24166
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
CVE-2026-40279
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
CVE-2026-40279 BACnet Stack: Undefined-behavior signed left shift in `decode_signed32()`
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decodesigned32 in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes using signed left shifts. When any of the four bytes has bit 7 set value ≥ 0x80, the left-shift...
CVE-2026-40279
BACnet Stack (open-source C library for embedded systems) contains a defect in decode_signed32() in src/bacnet/bacint.c where reconstructing a 32-bit signed integer from four APDU bytes via signed left shifts can overflow signed int32_t when any byte has bit 7 set (>= 0x80). This undefined beh...
BACnet Stack 安全漏洞
BACnet Stack is an open-source protocol stack for BACnet that is suitable for embedded systems, Linux, MacOS, BSD, and Windows. Versions prior to BACnet Stack 1.4.3 contained a security vulnerability. This vulnerability arises from the decodesigned32 function in src/bacnet/bacint.c, which uses...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011155)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011155 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011238)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011238 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid undefined behavior: applying zero offset to null pointer ACPICA commit...