25 matches found
Astra Linux - уязвимость в linux
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can occur when a trustedless device provides a buf-len value that exceeds the buffer size. NOTE: the vendor indicates that the mentioned data corruption is not a vulnerability in any existing use case; the...
CVE-2026-40341
A flaw was found in libgphoto2, a library used for accessing and controlling cameras. An out-of-bounds read vulnerability exists in the ptpunpackEOSFocusInfoEx function. This flaw can be exploited by processing input from untrusted USB devices, potentially allowing an attacker to crash the...
CVE-2026-40341
libgphoto2 is a camera access and control library. In versions up to and including 2.5.33, an out of bound read in ptpunpackEOSFocusInfoEx could be used to crash libgphoto2 when processing input from untrusted USB devices. Commit c385b34af260595dfbb5f9329526be5158985987 contains a patch. No known...
CVE-2026-40341
CVE-2026-40341 affects the libgphoto2 library. In versions up to and including 2.5.33, an out-of-bounds read in ptp_unpack_EOS_FocusInfoEx could crash libgphoto2 when processing input from untrusted USB devices. A patch was introduced in commit c385b34af260595dfbb5f9329526be5158985987. No known w...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414562)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414562 advisory. In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value...
kernel: virtio-net: Add validation for used length
A vulnerability was found in the Linux kernel’s virtio-net driver, where the system does not properly validate the length of data provided by an untrusted device. This lack of validation could lead to data corruption if the length of the data is incorrect or maliciously crafted...
kernel: virtio-net: Add validation for used length
A vulnerability was found in the Linux kernel’s virtio-net driver, where the system does not properly validate the length of data provided by an untrusted device. This lack of validation could lead to data corruption if the length of the data is incorrect or maliciously crafted...
kernel: virtio-net: Add validation for used length
A vulnerability was found in the Linux kernel’s virtio-net driver, where the system does not properly validate the length of data provided by an untrusted device. This lack of validation could lead to data corruption if the length of the data is incorrect or maliciously crafted...
kernel: virtio-net: Add validation for used length
A vulnerability was found in the Linux kernel’s virtio-net driver, where the system does not properly validate the length of data provided by an untrusted device. This lack of validation could lead to data corruption if the length of the data is incorrect or maliciously crafted...
PYSEC-2023-128
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted...
SUSE CVE-2023-3674
A flaw was found in the keylime attestation verifier, which fails to flag a device's submitted TPM quote as faulty when the quote's signature does not validate for some reason. Instead, it will only emit an error in the log without flagging the device as untrusted...
SUSE CVE-2021-38160
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...
SUSE-SU-2021:3401-1 Security update for the Linux Kernel (Live Patch 23 for SLE 15)
This update for the Linux Kernel 4.12.14-15069 fixes several issues. The following security issues were fixed: - CVE-2021-3715: Fixed a user-after-free in the Linux kernel's Traffic Control networking subsystem which could lead to local privilege escalation. bsc1190350. - CVE-2021-38160: Fixed a...
In drivers/char/virtio_console.c in the Linux kernel before 5.13.4 data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior
...
AZL-6580 CVE-2021-38160 affecting package kernel for versions less than 5.10.78.1-1
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...
DEBIAN-CVE-2021-38160
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...
CVE-2021-38160
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...
CVE-2021-38160
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...
UBUNTU-CVE-2021-38160
In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; th...
Memory corruption
DISPUTED In drivers/char/virtioconsole.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf-len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use...