
23 matches found

AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux - vulnerability in linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevented underflow in nfssvc_decode_writeargs Smatch reported the issue as follows: fs/nfsd/nfsxdr.c:341 nfssvc_decode_writeargs Warning: no lower bound on ‘args->len’ The type of the variable has been changed to unsigned to...

CVSS 5.5 | AI score 6.2 | EPSS 0.00011
Exploits: 0 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 2 views

Astra Linux - vulnerability in linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: CDC-NCM: avoid overflow in sanity checking A broken device may give an extreme offset like 0xFFF0 and a reasonable length for a fragment. In the sanity check as formulated now, this will create an integer overflow, defeating the...

CVSS 5.5 | AI score 6.7 | EPSS 0.00022
Exploits: 0 | References: 2
EUVD
added 2026/05/01 2:15 p.m. | 5 views

EUVD-2026-26587

In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix slab-out-of-bounds read in io_bundle_nbufs sqe->len is u32 but gets stored into sr->len which is int. When userspace passes sqe->len values exceeding INT_MAX e.g. 0xFFFFFFFF, sr->len overflows to a negative value. This...

AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 4
SUSE CVE
added 2026/04/23 1:36 a.m. | 1 views

SUSE CVE-2017-20230

Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVSS 10 | AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 4
NVD
added 2026/04/21 4:16 p.m. | 0 views

CVE-2017-20230

Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVSS 10 | EPSS 0.00037
Exploits: 0 | References: 6
Vulnrichment
added 2026/04/21 3:26 p.m. | 1 views

CVE-2017-20230 Storable versions before 3.05 for Perl has a stack overflow

Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 5
ATTACKERKB
added 2026/04/21 3:26 p.m. | 2 views

CVE-2017-20230

Storable versions before 3.05 for Perl has a stack overflow. The retrieve_hook function stored the length of the class name into a signed integer but in read operations treated the length as unsigned. This allowed an attacker to craft data that could trigger the overflow...

CVSS 10 | AI score 5.8 | EPSS 0.00037
Exploits: 0 | References: 6
Debian CVE
added 2026/03/12 7:33 p.m. | 3 views

CVE-2026-32239

Cap'n Proto is a data interchange format and capability-based RPC system. Prior to 1.4.0, a negative Content-Length value was converted to unsigned, treating it as an impossibly large length instead. In theory, this bug could enable HTTP request/response smuggling. This vulnerability is fixed in...

CVSS 6.5 | AI score 5.3 | EPSS 0.00073
Exploits: 0
Tenable Nessus
added 2025/11/05 12:0 a.m. | 1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989207)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989207 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvc_decode_writeargs Smatch complains: fs/nfsd/nfsxdr.c:341...

CVSS 5.5 | AI score 5.9 | EPSS 0.00011
Exploits: 0 | References: 4
Tenable Nessus
added 2025/09/17 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-39822

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - io_uring/kbuf: fix signedness in this_len calculation When importing and using buffers, buf->len is considered unsigned. However, buf->len is converted to signed in...

CVSS 5.5 | AI score 6.2 | EPSS 0.00027
Exploits: 0 | References: 4
OSV
added 2025/09/16 1:15 p.m. | 4 views

DEBIAN-CVE-2025-39822

In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: fix signedness in this_len calculation When importing and using buffers, buf->len is considered unsigned. However, buf->len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...

CVSS 5.5 | AI score 5.5 | EPSS 0.00027
Exploits: 0 | References: 1
OSV
added 2025/09/16 1:0 p.m. | 2 views

CVE-2025-39822 io_uring/kbuf: fix signedness in this_len calculation

In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: fix signedness in this_len calculation When importing and using buffers, buf->len is considered unsigned. However, buf->len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...

CVSS 5.5 | AI score 6.3 | EPSS 0.00027
Exploits: 0 | References: 5
ATTACKERKB
added 2025/09/16 1:0 p.m. | 2 views

CVE-2025-39822

In the Linux kernel, the following vulnerability has been resolved: io_uring/kbuf: fix signedness in this_len calculation When importing and using buffers, buf->len is considered unsigned. However, buf->len is converted to signed int when committing. This can lead to unexpected behavior if the buffer...

CVSS 5.5 | AI score 5.3 | EPSS 0.00027
Exploits: 0 | References: 3 | Affected Software: 1
Positive Technologies
added 2025/09/16 12:0 a.m. | 1 views

PT-2025-37967

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw exists in the Linux kernel’s io_uring/kbuf subsystem related to signedness in the this_len calculation. When importing and using buffers, the buf->len value is treated as unsigne...

AI score 6 | EPSS 0.00027
Exploits: 0 | References: 5
SUSE CVE
added 2025/02/27 3:2 a.m. | 2 views

SUSE CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6_append_data Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to size_t. UBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19...

CVSS 6.6 | AI score 7.8 | EPSS 0.00009
Exploits: 0 | References: 5
OSV
added 2025/02/26 7:1 a.m. | 2 views

AZL-58045 CVE-2022-49728 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6_append_data Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to size_t. UBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19...

CVSS 5.5 | AI score 6.8 | EPSS 0.00009
Exploits: 0 | References: 1
OSV
added 2025/02/26 7:1 a.m. | 1 views

DEBIAN-CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6_append_data Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to size_t. UBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19...

CVSS 5.5 | AI score 5.7 | EPSS 0.00009
Exploits: 0 | References: 1
OSV
added 2025/02/26 7:1 a.m. | 1 views

UBUNTU-CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6_append_data Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to size_t. UBSAN: signed-integer-overflow in net/ipv6/ip6_output.c:1489:19...

CVSS 5.5 | AI score 6.2 | EPSS 0.00009
Exploits: 0 | References: 18
SUSE CVE
added 2024/03/02 5:48 a.m. | 1 views

SUSE CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in io_provide_buffers_prep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "io_uring: f...

CVSS 7.8 | AI score 7.8 | EPSS 0.00019
Exploits: 0 | References: 3
OSV
added 2024/02/28 9:15 a.m. | 1 views

DEBIAN-CVE-2021-47040

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix overflows checks in provide buffers Colin reported before possible overflow and sign extension problems in io_provide_buffers_prep. As Linus pointed out previous attempt did nothing useful, see d81269fecb8ce "io_uring: f...

CVSS 7.8 | AI score 6 | EPSS 0.00019
Exploits: 0 | References: 1