26 matches found
Astra Linux - уязвимость в linux-5.10
Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. The timesinstall function calls currentissinglethreaded to determine whether the current process is single-threaded. However, this call does not take into account iouring’s...
BIT-JRE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
PT-2026-38889
An integer overflow in the tt var load item variation store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
JLSEC-2026-461 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in...
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
BIT-JAVA-MIN-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
SUSE CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
AZL-78518 CVE-2026-23865 affecting package freetype 2.13.2-1
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
UBUNTU-CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
EUVD-2026-9195
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
CVE-2026-23865
An integer overflow in the ttvarloaditemvariationstore function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2...
FreeType 安全漏洞
FreeType is an open-source font rendering library developed by FreeType. Versions 2.13.2 and 2.13.3 of FreeType contain security vulnerabilities. These vulnerabilities stem from integer overflows in the ttvarloaditemvariationstore function, which may lead to out-of-bound reads when parsing...
EUVD-2023-27686
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-23586
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. timensinstall calls currentissinglethread...
OESA-2023-1152 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. timensinstall calls currentissinglethreaded to determine if the current process is single-threaded, but this...
CVE-2023-23586
A use-after-free vulnerability was discovered in the Linux kernel's iouring subsystem. It was found that it is possible to insert a time namespace's vvar page to process memory space via a page fault. When this time namespace is destroyed, the vvar page is also freed, but not removed from the...
SUSE CVE-2023-23586
Due to a vulnerability in the iouring subsystem, it is possible to leak kernel memory information to the user process. timensinstall calls currentissinglethreaded to determine if the current process is single-threaded, but this call does not consider iouring's ioworker threads, thus it is possibl...
CVE-2023-23586
creationtimestamp| type| source ---|---|--- 2023-02-17 16:13:07+00:00| published-proof-of-concept| https://t.me/cibsecurity/58430 2024-12-10 23:00:00+00:00| seen| https://u1f383.github.io/linux/2024/12/11/linux-vdso-and-vvar.html 2024-12-20 18:02:36+00:00| published-proof-of-concept|...