28 matches found
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: bcache: Fixed the abuse of variable-length arrays in btreeiter. btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set...
Astra Linux - уязвимость в linux-5.15, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: fs/ntfs3: Use variable length arrays instead of fixed-size ones. The issue with the “smatch warning” should be fixed: Error in ntfssetlabel: builtinmemcpy’s ‘uni-name’ is too small 20 vs 256...
Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013408)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013408 advisory. In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either...
EUVD-2026-23022
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...
CVE-2026-40916
A flaw was found in GIMP. A stack buffer overflow vulnerability in the TIM image loader's 4BPP decoding path allows a local user to cause a Denial of Service DoS. By opening a specially crafted TIM image file, the application crashes due to an unconditional overflow when writing to a...
CVE-2023-53057
The CVE-2023-53057 entry corresponds to a Linux kernel Bluetooth HCI global-out-of-bounds bug. The issue arises in hci_init_stage_sync() looping a variable-length array, where amp_init1[] and amp_init2[] lacked an intentionally invalid final element, enabling out-of-bounds reads during hci_dev_op...
drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA
...
SUSE CVE-2024-50134
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
DEBIAN-CVE-2024-50134
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
AZL-52437 CVE-2024-50134 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: drm/vboxvideo: Replace fake VLA at end of vbvamousepointershape with real VLA Replace the fake VLA at end of the vbvamousepointershape shape with a real VLA to fix a "memcpy: detected field-spanning write error" warning: 13.31981...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which originates in the drm/vboxvideo module, where the use of a fake variable-length array VLA in place of a real...
bcache: fix variable length array abuse in btree_iter
...
SUSE CVE-2024-39482
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
CVE-2024-39482
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
DEBIAN-CVE-2024-39482
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
AZL-43264 CVE-2024-39482 affecting package kernel for versions less than 5.15.162.2-1
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
UBUNTU-CVE-2024-39482
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
CVE-2024-39482
CVE-2024-39482 relates to the Linux kernel bug in bcache: it abused a fixed-length array in btree_iter when used with dynamically-sized iterators, triggering UBSAN. The fix introduces a flexible array member in btree_iter and a separate btree_iter_stack that embeds a btree_iter plus a data array,...
CVE-2024-39482 bcache: fix variable length array abuse in btree_iter
In the Linux kernel, the following vulnerability has been resolved: bcache: fix variable length array abuse in btreeiter btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set. Previously, the...
CVE-2024-38623
A vulnerability was found in the Linux kernel's NTFS3 filesystem module. This issue has been resolved by switching from a fixed-size array to a variable-length array. This change mitigates the risk of buffer overflows that could potentially be exploited by attackers. Mitigation Mitigation for thi...