8 matches found
SwiftNIO: Out-of-bounds write via ByteBuffer index and length UInt32 overflow
Summary A program using swift-nio is vulnerable to a potential out-of-bounds write when attacker-controlled index or length values exceeding UInt32.max are passed to some ByteBuffer methods. This affects all swift-nio versions from 1.0.0 to 2.99.0. It is fixed in 2.100.0 and later releases. Detai...
SwiftNIO: Out-of-bounds write via ByteBuffer index and length UInt32 overflow
A program using swift-nio is vulnerable to a potential out-of-bounds write when attacker-controlled index or length values exceeding UInt32.max are passed to some ByteBuffer methods. This affects all swift-nio versions from 1.0.0 to 2.99.0. It is fixed in 2.100.0 and later releases...
CVE-2026-43405
CVE-2026-43405 affects the Linux kernel libceph component, specifically ceph_monmap_decode(). The root cause is signedness mishandling: blob_len and num_mon are int, used to hold non-negative values that should be unsigned, leading to potential large allocations when an incoming num_mon is very l...
PT-2026-39066
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the libceph component where the ceph monmap decode function uses signed int variables for blob len and num mon. Because these variables are intended to hold non-negati...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986771)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986771 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type u32 instead of type...
SUSE CVE-2024-53146
In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...
DEBIAN-CVE-2021-47580
In the Linux kernel, the following vulnerability has been resolved: scsi: scsidebug: Fix type in mint to avoid stack OOB Change mint to use type "u32" instead of type "int" to avoid stack out of bounds. With mint type "int" the values get sign extended and the larger value gets used causing stack...
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.
...