21 matches found
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fixed the null-ptr-deref issue in hugetlbfs_parse_param(). Syzkaller reported a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992893)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992893 advisory. In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param(). Syzkaller reports a null-ptr-deref bug as...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990329)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990329 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy(). Userspace provided string 's' coul...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990147)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990147 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy(). Userspace provided string 's' coul...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986531)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986531 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Prevent OOB read/write in usb_string_copy(). Userspace provided string 's' coul...
EUVD-2022-55521
Malicious code in bioql PyPI...
CVE-2022-50455
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2022-50455
CVE-2022-50455 entry is rejected/not used per the Initial Description.
SUSE CVE-2022-50334
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param(). Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...
CVE-2022-50334
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param(). Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...
DEBIAN-CVE-2022-50334
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param(). Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...
CVE-2022-50334 hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()
In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param(). Syzkaller reports a null-ptr-deref bug as follows: ====================================================== KASAN: null-ptr-deref in range 0x0000000000000000-0x0000000000000007...
PT-2025-37636
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The Linux kernel contains a null pointer dereference issue in the hugetlbfs parse param function. This occurs when parsing mount parameters, specifically when an illegal parameter like...
CLSA-2024-1718903288 cups: Fix of 2 CVEs
CVE-2023-32360: require authentication for CUPS-Get-Document. - CVE-2023-32324: fix cups_strlcpy to exit immediately if a length of the source string is zero...
SUSE CVE-2011-4079
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry...
The vulnerability of the Ruby interpreter arises from an operation that goes beyond buffer boundaries in memory, allowing a malicious actor to trigger a service failure.
The vulnerability of the Ruby interpreter arises from an operation that occurs outside the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to cause a service failure during the execution of the JSON.generate function. The problem lies in the use of the strdu...
CVE-2012-2330
The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string...
Design/Logic Flaw
The Update method in src/node_http_parser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information (request header contents) and possibly spoof HTTP headers via a zero length string...
DEBIAN-CVE-2011-4079
Off-by-one error in the UTF8StringNormalize function in OpenLDAP 2.4.26 and earlier allows remote attackers to cause a denial of service (slapd crash) via a zero-length string that triggers a heap-based buffer overflow, as demonstrated using an empty postalAddressAttribute value in an LDIF entry...