CVE-2025-39880 libceph: fix invalid accesses to ceph_connection_v1_info

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to check if a con-v1 union member is active, which could lead to invalid access...

Type confusion

A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature which, for example, helped with loop prevention. ccnlfwdhandleInterest assumes that the union member s is of type ccnlpktdetailndntlvs. However, if the type is in fact stru...

CVE-2008-1693

The CairoFont::create function in CairoFontEngine.cc in Poppler, possibly before 0.8.0, as used in Xpdf, Evince, ePDFview, KWord, and other applications, does not properly handle embedded fonts in PDF files, which allows remote attackers to execute arbitrary code via a crafted font object, relate...