42 matches found
CVE-2022-50390
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...
CVE-2022-50390
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in bit shift for TTMTTFLAGPRIVPOPULATED Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN:...
CVE-2025-39788 scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE
In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: exynos: Fix programming of HCIUTRLNEXUSTYPE On Google gs101, the number of UTP transfer request slots nutrs is 32, and in this case the driver ends up programming the UTRLNEXUSTYPE incorrectly as 0. This is because the...
SUSE CVE-2025-38710
In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate idepth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in direread, causing an undefined shift by 32 at: index = hash 32 - dip-idepth; As calculated in an open-coded way in...
DEBIAN-CVE-2025-38710
In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate idepth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in direread, causing an undefined shift by 32 at: index = hash 32 - dip-idepth; As calculated in an open-coded way in...
CVE-2025-38710
CVE-2025-38710 (gfs2 depth validation) : Linux kernel fix for exhash directories in GFS2. A fuzzer caused a depth of 0 in dir_e_read(), triggering an undefined shift by 32 in index = hash >> (32 - dip->i_depth). The minimum exhash depth is ilog2(sdp->sd_hash_ptrs) and 0 is invalid sin...
CVE-2025-38710 gfs2: Validate i_depth for exhash directories
In the Linux kernel, the following vulnerability has been resolved: gfs2: Validate idepth for exhash directories A fuzzer test introduced corruption that ends up with a depth of 0 in direread, causing an undefined shift by 32 at: index = hash 32 - dip-idepth; As calculated in an open-coded way in...
PT-2025-35983
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the validation of i depth for exhash directories within the gfs2 filesystem. A fuzzer test revealed corruption leading to a depth of 0 in dir...
UBUNTU-CVE-2022-49870
In the Linux kernel, the following vulnerability has been resolved: capabilities: fix undefined behavior in bit shift for CAPTOMASK Shifting signed 32-bit value by 31 bits is undefined, so changing significant bit to unsigned. The UBSAN warning calltrace like below: UBSAN: shift-out-of-bounds in...
UBUNTU-CVE-2025-21789
In the Linux kernel, the following vulnerability has been resolved: LoongArch: csum: Fix OoB access in IP checksum code for negative lengths Commit 69e3a6aa6be2 "LoongArch: Add checksum optimization for 64-bit system" would cause an undefined shift and an out-of-bounds read. Commit 8bd795fedb84...
CLSA-2024-1731432106 ImageMagick: Fix of 2 CVEs
CVE-2020-27751: fix undefined behavior due to an overly large shift exponent in quantum-export.c - CVE-2020-27768: fix NaN being outside the range of representable values issue in quantum-private.h...
kernel: Linux kernel: integer overflow and information disclosure via undefined shift operation in drm/amdkfd
A flaw was found in the Linux kernel’s AMD Kernel Fusion Driver amdkfd within the drm subsystem. When either getnumsdmaqueues or getnumxgmisdmaqueues returned 0, the driver performed a bit shift where the number of bits shifted equaled the operand width. Such a shift is undefined behavior in C an...
openSUSE: Security Advisory for openexr (openSUSE-SU-2021:1198-1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2021:1198-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-20298 bsc1188460: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 bsc1188459: Fixed Null-dereference READ in Imf25:Header:operator - CVE-2021-20300 bsc1188458: Fixed Integer-overflow in Imf25:hufUncompress - CVE-2021-20302...
SUSE-SU-2021:2793-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-20298 bsc1188460: Fixed Out-of-memory in B44Compressor - CVE-2021-20299 bsc1188459: Fixed Null-dereference READ in Imf25:Header:operator - CVE-2021-20300 bsc1188458: Fixed Integer-overflow in Imf25:hufUncompress - CVE-2021-20302...
PT-2022-9180 · Openexr +1 · Openexr +1
Name of the Vulnerable Software and Affected Versions: OpenEXR affected versions not specified Description: A flaw in OpenEXR's hufDecode functionality allows an attacker to trigger an undefined right shift error by passing a crafted file to be processed by OpenEXR. The highest threat from this...
openSUSE Security Update : openexr (openSUSE-2021-536)
This update for openexr fixes the following issues : - CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 - CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 - CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172 This update was importe...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2021:0536-1 Rating: moderate References: 1184172 1184173 1184174 Cross-References: CVE-2021-3474 CVE-2021-3475 CVE-2021-3476 CVSS scores: CVE-2021-3474 NVD : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L...
OPENSUSE-SU-2021:0536-1 Security update for openexr
This update for openexr fixes the following issues: - CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 - CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 - CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172 This update was imported...
SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2021:1097-1)
This update for openexr fixes the following issues : CVE-2021-3474: Undefined-shift in Imf25::FastHufDecoder::FastHufDecoder bsc1184174 CVE-2021-3475: Integer-overflow in Imf25::calculateNumTiles bsc1184173 CVE-2021-3476: Undefined-shift in Imf25::unpack14 bsc1184172 Note that Tenable Network...