Lucene search
+L

11 matches found

snyk
snyk
added 2026/05/19 9:51 p.m.12 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the Chunk process when handling files with a samplesperchunk value of zero. An attacker can cause a segmentation fault and denial of service by providing a specially crafted HEIF file that triggers an unsigned...

7.1CVSS5.8AI score0.00301EPSS
Exploits1References2
osv
osv
added 2026/05/19 7:3 p.m.1 views

CVE-2026-32738 libheif has a Heap OOB Read/SEGV Crash via Zero samples_per_chunk

libheif is a HEIF and AVIF file format decoder and encoder. In versions 1.21.2 and below, a crafted 792-byte HEIF sequence file with samplesperchunk=0 in the stsc box causes an unsigned integer underflow in the Chunk constructor mlastsample = 0 + 0 - 1 = UINT32MAX, mapping all samples to an empty...

6.5CVSS6.1AI score0.00301EPSS
Exploits1References3
susecve
susecve
added 2026/05/06 1:42 a.m.16 views

SUSE CVE-2026-31770

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

5.8AI score0.00123EPSS
Exploits0References3
nvd
nvd
added 2026/05/01 3:16 p.m.6 views

CVE-2026-31770

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

5.5CVSS0.00123EPSS
Exploits0References8
cvelist
cvelist
added 2026/05/01 2:14 p.m.31 views

CVE-2026-31770 hwmon: (occ) Fix division by zero in occ_show_power_1()

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

0.00123EPSS
Exploits0References8
euvd
euvd
added 2026/05/01 2:14 p.m.12 views

EUVD-2026-26583

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

5.8AI score0.00123EPSS
Exploits0References8
osv
osv
added 2026/05/01 2:14 p.m.1 views

CVE-2026-31770 hwmon: (occ) Fix division by zero in occ_show_power_1()

In the Linux kernel, the following vulnerability has been resolved: hwmon: occ Fix division by zero in occshowpower1 In occshowpower1 case 1, the accumulator is divided by updatetag without checking for zero. If no samples have been collected yet e.g. during early boot when the sensor block is...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References11
cve
cve
added 2026/05/01 2:14 p.m.14 views

CVE-2026-31770

The CVE-2026-31770 issue affects the Linux kernel hwmon/occ path. In occ_show_power_1(), the accumulator could be divided by update_tag without checking for zero when no samples have been collected, leading to a division-by-zero crash. A fix reuses occ_get_powr_avg() (which handles the zero-sampl...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References8Affected Software1
ptsecurity
ptsecurity
added 2026/05/01 12:0 a.m.7 views

PT-2026-36405

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A divide-by-zero flaw exists in the occ show power 1 function. In case 1 of this function, the accumulator is divided by the update tag variable without verifying if it is zero. If no...

5.5CVSS5.5AI score0.00123EPSS
Exploits0References18
astralinux
astralinux
added 2026/01/27 5:1 a.m.6 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: comedi: Fixed the use of uninitialized data in insnrwemulatebits. For Comedi INSNREAD and INSNWRITE instructions on “digital” subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevic...

5.5CVSS6.3AI score0.00158EPSS
Exploits0References3
osv
osv
added 2025/07/28 12:15 p.m.7 views

DEBIAN-CVE-2025-38480

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insnrwemulatebits For Comedi INSNREAD and INSNWRITE instructions on "digital" subdevices subdevice types COMEDISUBDDI, COMEDISUBDDO, and COMEDISUBDDIO, it is common for the subdevice drive...

5.5CVSS5.5AI score0.00158EPSS
Exploits0References1
Rows per page
Query Builder