1269 matches found
CVE-2022-50859
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
UBUNTU-CVE-2022-50859
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
CVE-2022-50859 cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
CVE-2022-50859
CVE-2022-50859 : Linux kernel CIFS: fix for the error length of VALIDATE_NEGOTIATE_INFO message. The fix shortens the message from 28 bytes to 26 bytes by correcting the extended-dialect length after adding smb3.1.1 to the default dialect list. Root cause: after extending the dialects from 3 to 4...
CVE-2022-50859
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
CVE-2022-50859 cifs: Fix the error length of VALIDATE_NEGOTIATE_INFO message
In the Linux kernel, the following vulnerability has been resolved: cifs: Fix the error length of VALIDATENEGOTIATEINFO message Commit d5c7076b772a "smb3: add smb3.1.1 to default dialect list" extend the dialects from 3 to 4, but forget to decrease the extended length when specific the dialect,...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect length of the VALIDATENEGOTIATEINFO message, which could lead to information disclosure...
PT-2025-53977
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's CIFS implementation related to the length of the VALIDATE NEGOTIATE INFO message. A commit extended the dialects from 3 to 4 but failed to adjust the...
PT-2025-53196
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A condition exists in the Linux kernel where a race between inotify freeing mark and inotify handle inode event can lead to the reporting of an event with an invalid watch descriptor wd ...
Malicious code in rpc-validate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6c08295788ac997e7566fad616096d89ea31e26771abbd32fb6d42f199875f2 The package rpc-validate was found to contain malicious code. Source: ghsa-malware 95f6f8651242afb77a3d28835bf912aacbfc4e3abbc3da2313fb6c3bd0c12ed1 A...
EUVD-2025-204876
Malicious code in rpc-validate npm...
Malicious Package
Overview rpc-validate is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MAL-2025-192749 Malicious code in rpc-validate (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d6c08295788ac997e7566fad616096d89ea31e26771abbd32fb6d42f199875f2 The package rpc-validate was found to contain malicious code. Source: ghsa-malware 95f6f8651242afb77a3d28835bf912aacbfc4e3abbc3da2313fb6c3bd0c12ed1 A...
CVE-2025-15013
A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...
CVE-2025-15013
A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...
CVE-2025-15013
A vulnerability was identified in floooh sokol up to 5d11344150973f15e16d3ec4ee7550a73fb995e0. The impacted element is the function sgvalidatepipelinedesc in the library sokolgfx.h. Such manipulation leads to stack-based buffer overflow. The attack must be carried out locally. The exploit is...
Stack-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow via the sgvalidatepipelinedesc function. An attacker can execute arbitrary code or cause a crash by supplying crafted input that triggers a stack-based buffer overflow. Remediation A fix was pushed into the...
Sokol 安全漏洞
Sokol is a platform interface for Andre Weissflog individual developers. A security vulnerability exists in Sokol, which stems from a misbehavior of the function sgvalidatepipelinedesc in the library sokolgfx.h, which could lead to a stack buffer overflow...
Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991153)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991153 advisory. In the Linux kernel, the following vulnerability has been resolved: dm raid: fix accesses beyond end of raid member array On dm-raid table load using raidctr, dm-rai...
SUSE CVE-2023-53820
In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...