CVE-2026-43620

Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CFINCRECURSE in compatibility flags and sending a...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021617)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021617 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixed the out-of-bounds read warning. Using index i-1U may exceed the element index for mcdata when i=0...

EUVD-2026-12887

In the Linux kernel, the following vulnerability has been resolved: net: liquidio: Fix off-by-one error in VF setupnicdevices cleanup In setupnicdevices, the initialization loop jumps to the label setupnicdevfree on failure. The current cleanup loop whilei-- skip the failing index i, causing a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992392)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992392 advisory. In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of thi...

SUSE CVE-2022-50758

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix potential memory leak In function deviceinittd0ring, memory is allocated for member tdinfo of priv-apTD0Ringsi, with i increasing from 0. In case of allocation failure, the memory is freed in reversed order,...

EUVD-2025-179054

Malicious code in error-signal-minify-zero-index npm...

CVE-2022-50355 staging: vt6655: fix some erroneous memory clean-up loops

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...

Linux Distros Unpatched Vulnerability : CVE-2023-53075

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ftrace: Fix invalid address access in lookuprec when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookuprec Read of size 8 at addr...

SUSE CVE-2023-53075

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookuprec when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookuprec Read of size 8 at addr ffff000199270ff0 by task modprobe CPU: 2 Comm: modprobe Call trace:...

UBUNTU-CVE-2024-46731

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix the Out-of-bounds read warning using index i - 1U may beyond element index for mcdata when i = 0...

kernel: KVM: s390: pv: fix index value of replaced ASCE

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: pv: fix index value of replaced ASCE The index field of the struct page corresponding to a guest ASCE should be 0. When replacing the ASCE in s390replaceasce, the index of the new ASCE should also be set to 0. Having t...

Upgraded Q -> 2 from #250 [1676238307490]

Judge has assessed an item in Issue 250 as 2 risk. The relevant finding follows: In first place, currentIndex which is of type mappingaddress = uint256 is incremented before using it in line 117. This will cause the implementation to miss the zero index, and start from the second place index 1. T...

CLSA-2022-1657182572 Fixed CVEs in vim: CVE-2022-2124, CVE-2022-2129, CVE-2022-2125, CVE-2022-2126, CVE-2022-1720

CVE-2022-2125: add checking for NUL to avoid running over the end of line - CVE-2022-1720: do not include the NUL in the length to avoid reading past end of line with "gf" in Visual block mode - CVE-2022-2124: add checking for NUL to avoid running over the end of line - CVE-2022-2129: disallow...