UBUNTU-CVE-2022-49728

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix signed integer overflow in ip6appenddata Resurrect ubsan overflow checks and ubsan report this warning, fix it by change the variable length type to sizet. UBSAN: signed-integer-overflow in net/ipv6/ip6output.c:1489:19...

DEBIAN-CVE-2022-49199

In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamicdoit This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows...

DEBIAN-CVE-2022-49186

In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconticlkregistergates This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if clksi.rsid = 0 condition was always true. Th...

UBUNTU-CVE-2022-49199

In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamicdoit This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows...

UBUNTU-CVE-2022-49186

In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconticlkregistergates This code was using -1 to represent that there was no reset function. Unfortunately, the -1 was stored in u8 so the if clksi.rsid = 0 condition was always true. Th...

CVE-2022-49570 gpio: gpio-xilinx: Fix integer overflow

In the Linux kernel, the following vulnerability has been resolved: gpio: gpio-xilinx: Fix integer overflow Current implementation is not able to configure more than 32 pins due to incorrect data type. So type casting with unsigned long to avoid it...

CVE-2022-49280 NFSD: prevent underflow in nfssvc_decode_writeargs()

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvcdecodewriteargs Smatch complains: fs/nfsd/nfsxdr.c:341 nfssvcdecodewriteargs warn: no lower bound on 'args-len' Change the type to unsigned to prevent this issue...

CVE-2022-49280 NFSD: prevent underflow in nfssvc_decode_writeargs()

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvcdecodewriteargs Smatch complains: fs/nfsd/nfsxdr.c:341 nfssvcdecodewriteargs warn: no lower bound on 'args-len' Change the type to unsigned to prevent this issue...

CVE-2022-49280

In the Linux kernel, the following vulnerability has been resolved: NFSD: prevent underflow in nfssvcdecodewriteargs Smatch complains: fs/nfsd/nfsxdr.c:341 nfssvcdecodewriteargs warn: no lower bound on 'args-len' Change the type to unsigned to prevent this issue...

CVE-2023-5184

Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid using test/setbit operations on non-allocated memory. There is a potential for out-of-bounds access when using testbit on a single word. The testbit and setbit functions operate on long values, and when testi...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mm: Avoid overflows in the dirty throttling logic. The dirty throttling logic relies on assumptions that dirty limits in PAGESIZE units fit within 32-bit boundaries so that various calculations can be performed within 64 bits. If...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: padata: Use integer wrap-around to prevent deadlock in cases of seqnr overflow. When submitting more than 2^32 padata objects to padatadoserial, the current sorting implementation incorrectly sorts padata objects with overflowed...

CVE-2022-4418

Local privilege escalation due to unrestricted loading of unsigned libraries. The following products are affected: Acronis Cyber Protect Home Office Windows before build 40208...

CVE-2024-42501

An authenticated Path Traversal vulnerabilities exists in the ArubaOS. Successful exploitation of this vulnerability allows an attacker to install unsigned packages on the underlying operating system, enabling the threat actor to execute arbitrary code or install implants...

CVE-2024-2617

A vulnerability exists in the RTU500 that allows for authenticated and authorized users to bypass secure update, if secure update feature was not enabled on all CMUs of a RTU500. If a malicious actor successfully exploits this vulnerability, they could use it to update the RTU500 with unsigned...

CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...

CVE-2025-24792 Snowflake PHP PDO Driver has a Signed-to-Unsigned Conversion Error

Snowflake PHP PDO Driver is a driver that uses the PHP Data Objects PDO extension to connect to the Snowflake database. Snowflake discovered and remediated a vulnerability in the Snowflake PHP PDO Driver where executing unsupported queries like PUT or GET on stages causes a signed-to-unsigned...

PHP PDO driver for Snowflake 安全漏洞

PHP PDO driver for Snowflake is an open source PHP PDO driver from Snowflake Computing. A security vulnerability exists in the PHP PDO driver for Snowflake, which originates from a stage where execution of an unsupported query can result in a signed-to-unsigned conversion error, which can cause t...

PT-2025-5573 · Snowflake · Snowflake Php Pdo Driver

Name of the Vulnerable Software and Affected Versions: Snowflake PHP PDO Driver versions 0.2.0 through 3.0.3 Description: The issue arises when executing unsupported queries, such as PUT or GET on stages, which causes a signed-to-unsigned conversion error. This error results in the application...