memory safety

  1. HDF5 CVE-2025-6750 Heap Overflow in mtime Encoder (v1.14.6)

    A heap-based buffer overflow has been reported in HDF5 v1.14.6: the function H5O__mtime_new_encode in src/H5Omtime.c can be manipulated to write past an allocated heap buffer (CVE‑2025‑6750), a defect publicly tracked with a working proof‑of‑concept and followed by distribution vendors and...
  2. HDF5 CVE-2025-6856 Use-After-Free: Patch 1.14.6 Now

    A use-after-free defect in the HDF5 C library — tracked as CVE-2025-6856 and rooted in the H5FL__reg_gc_list routine in src/H5FL.c — has been publicly disclosed and confirmed by multiple independent sources; the flaw affects HDF5 1.14.6, a widely embedded library in scientific, engineering, and...
  3. CVE-2025-2913: HDF5 UAF in H5FL__blk_gc_list (1.14.6)

    A critical use‑after‑free defect has been publicly disclosed in the HDF5 library: CVE‑2025‑2913 identifies a flaw in src/H5FL.c (function H5FL__blk_gc_list) that can dereference freed metadata under specific local conditions, creating a realistic denial‑of‑service and memory‑corruption risk for...
  4. CVE-2025-14512: GLib GIO Attribute Escaping Overflow Fixed in 2.86.3

    A newly assigned CVE, CVE-2025-14512, exposes a critical integer‑overflow bug in GLib’s GIO attribute-escaping routine that can lead to a heap buffer overflow and denial‑of‑service — the defect is fixed upstream in the GLib 2.86.x point releases and is now tracked across multiple vendor...
  5. DAQFactory ICS advisory: Patch 21.1 fixes memory safety in .ctl parsing

    AzeoTech’s DAQFactory has been the subject of a high‑severity industrial control systems (ICS) advisory: multiple memory‑safety and parsing flaws in DAQFactory Release 20.7 (Build 2555) and earlier can be triggered by specially crafted project files (.ctl), and the vendor has released a...
  6. Patch GDCM CVE-2025-11266: Fix Out-of-Bounds PixelData Write

    A newly disclosed memory‑corruption defect in the open‑source Grassroots DICOM library (GDCM) gives healthcare and imaging tool maintainers a concrete remediation task this quarter: an out‑of‑bounds write when parsing encapsulated PixelData fragments can crash applications that use GDCM and, in...
  7. 2025 CWE Top 25 Most Dangerous Software Weaknesses: Focus Areas for Secure Development

    The 2025 CWE Top 25 Most Dangerous Software Weaknesses arrives as a clear, data-driven wake-up call for developers, security teams, and procurement managers: adversaries continue to exploit a concentrated set of weakness classes, and addressing those root causes is the fastest way to reduce...
  8. Linux Kernel CVE-2025-40322: fbdev Glyph Index Clamp Fix Prevents Read Errors

    A recently published Linux kernel security entry — CVE-2025-40322 — addresses a bounds‑checking defect in the legacy framebuffer (fbdev) text‑blitting code that could let a crafted character value cause an out‑of‑bounds read from the built‑in font table; the upstream fix clamps the computed...
  9. CVE-2025-40294: Linux Bluetooth MGMT OOB Fix in Stable Kernels

    A newly assigned CVE, CVE-2025-40294, identifies an out‑of‑bounds (OOB) access in the Linux kernel’s Bluetooth management path that can cause memory corruption and crashes when userland supplies overly large advertising‑pattern lengths. The defect lives in the MGMT layer’s...
  10. Linux cdns3 USB gadget UAF: CVE-2025-40314 Fix and Mitigation Guide

    A new Linux-kernel vulnerability, tracked as CVE‑2025‑40314, has been published: a use‑after‑free in the cdns3 USB gadget driver that can occur when the cdnsp gadget fails to initialize or during gadget exit, and upstream kernel maintainers have merged a compact fix into recent stable trees to...
  11. CVE-2025-40205 Linux Btrfs file handle out of bounds fix

    A subtle but important memory-safety bug in the Linux kernel’s Btrfs file-handle encoder has been fixed upstream: CVE-2025-40205 closes an out‑of‑bounds write in btrfs_encode_fh that could, in specific circumstances, write eight bytes past the user-supplied buffer. This is primarily an...
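    The eight‑byte overrun described above is the classic file‑handle encoder failure: the encoder writes a larger handle than the caller's buffer holds. As an added example, not the kernel's btrfs_encode_fh and not code from this page, the block below is a userspace model of the exportfs encode_fh contract (caller passes a buffer of 32‑bit words and its capacity in *max_len; the encoder must return FILEID_INVALID and report the required size instead of writing past the capacity). It pairs a deliberately buggy variant that checks only the plain‑handle length with a checked variant that sizes the full handle before any write. The handle layout, word counts, type constants and inode values are assumptions for illustration; the caller's real storage is padded with a canary so the overrun is observable rather than undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout, not btrfs's: ino(2 words) + gen(2 words), optionally
 * + parent ino(2 words). The parent adds two 32-bit words, i.e. 8 bytes. */
#define FILEID_INVALID        0xff
#define FID_TYPE_PLAIN        0x01
#define FID_TYPE_WITH_PARENT  0x02
#define FH_WORDS_PLAIN        4
#define FH_WORDS_WITH_PARENT  6
#define CANARY                0xdeadbeefu

struct inode_ref {
    uint64_t ino;
    uint64_t gen;
};

static void put_u64(uint32_t *fh, uint64_t v)
{
    fh[0] = (uint32_t)v;
    fh[1] = (uint32_t)(v >> 32);
}

/* Buggy variant: validates only the plain-handle length, then writes the
 * parent words unconditionally. With a 4-word capacity and a parent present,
 * it writes 8 bytes past what the caller allowed. */
int encode_fh_buggy(const struct inode_ref *inode, const struct inode_ref *parent,
                    uint32_t *fh, int *max_len)
{
    if (*max_len < FH_WORDS_PLAIN) {
        *max_len = FH_WORDS_PLAIN;
        return FILEID_INVALID;
    }
    put_u64(&fh[0], inode->ino);
    put_u64(&fh[2], inode->gen);
    *max_len = FH_WORDS_PLAIN;
    if (!parent)
        return FID_TYPE_PLAIN;
    put_u64(&fh[4], parent->ino);   /* overrun when *max_len was 4 */
    *max_len = FH_WORDS_WITH_PARENT;
    return FID_TYPE_WITH_PARENT;
}

/* Checked variant: compute the full size first and reject before any write,
 * telling the caller how many words it needs so it can retry. */
int encode_fh_checked(const struct inode_ref *inode, const struct inode_ref *parent,
                      uint32_t *fh, int *max_len)
{
    int need = parent ? FH_WORDS_WITH_PARENT : FH_WORDS_PLAIN;

    if (*max_len < need) {
        *max_len = need;
        return FILEID_INVALID;
    }
    put_u64(&fh[0], inode->ino);
    put_u64(&fh[2], inode->gen);
    if (parent)
        put_u64(&fh[4], parent->ino);
    *max_len = need;
    return parent ? FID_TYPE_WITH_PARENT : FID_TYPE_PLAIN;
}

/* Caller advertises 4 words; real storage is 6 words with a canary behind the
 * advertised capacity. Returns 1 if the buggy encoder clobbered the canary. */
int buggy_overruns_caller_buffer(void)
{
    struct inode_ref ino = { .ino = 257, .gen = 7 };      /* constructed */
    struct inode_ref parent = { .ino = 256, .gen = 1 };   /* constructed */
    uint32_t fh[FH_WORDS_WITH_PARENT] = { 0, 0, 0, 0, CANARY, CANARY };
    int len = FH_WORDS_PLAIN;

    encode_fh_buggy(&ino, &parent, fh, &len);
    return fh[4] != CANARY || fh[5] != CANARY;
}

/* Returns 1 if the checked encoder rejected the short buffer, wrote nothing,
 * and reported the 6 words it needs. */
int checked_rejects_short_buffer(void)
{
    struct inode_ref ino = { .ino = 257, .gen = 7 };
    struct inode_ref parent = { .ino = 256, .gen = 1 };
    uint32_t fh[FH_WORDS_WITH_PARENT] = { 0, 0, 0, 0, CANARY, CANARY };
    int len = FH_WORDS_PLAIN;
    int type = encode_fh_checked(&ino, &parent, fh, &len);

    return type == FILEID_INVALID && len == FH_WORDS_WITH_PARENT
        && fh[0] == 0 && fh[4] == CANARY && fh[5] == CANARY;
}

/* Returns the handle type once the caller retries with the reported size,
 * or -1 if the encoded words are wrong. */
int checked_succeeds_on_retry(void)
{
    struct inode_ref ino = { .ino = 257, .gen = 7 };
    struct inode_ref parent = { .ino = 256, .gen = 1 };
    uint32_t fh[FH_WORDS_WITH_PARENT] = { 0 };
    int len = FH_WORDS_WITH_PARENT;
    int type = encode_fh_checked(&ino, &parent, fh, &len);

    if (fh[0] != 257 || fh[2] != 7 || fh[4] != 256)
        return -1;
    return type;
}

int main(void)
{
    printf("buggy overruns canary: %d\n", buggy_overruns_caller_buffer());
    printf("checked rejects short buffer: %d\n", checked_rejects_short_buffer());
    printf("checked retry type: %d\n", checked_succeeds_on_retry());
    return 0;
}
```

The point to carry into review of any encoder with this shape: the size check must cover the largest handle the call can emit (the parent case here), not the common case, and the rejection path must set the required size and return before the first store.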
  12. Linux ext4 CVE-2025-40179: Patch limits orphan replay size to prevent memory exhaustion

    The Linux kernel has received a targeted corrective patch for a resource-consumption weakness in the ext4 filesystem — tracked as CVE‑2025‑40179 — that limits the size of orphan files during replay and changes how b-descriptor arrays are allocated to avoid large-order memory allocations...
  13. Linux Kernel TLS Async Decrypt Race Fixed CVE-2025-40176

    The Linux kernel received a targeted fix in November 2025 for a subtle but potentially dangerous memory-handling bug in its TLS decryption path: when asynchronous TLS decryption attempts fail to create a safe clone of incoming packet memory (via tls_strp_msg_hold), the kernel must wait for...
  14. CVE-2024-49971: Linux AMD DRM memory safety fix to prevent out-of-bounds write

    A small but consequential flaw in the Linux AMD DRM display stack — tracked as CVE‑2024‑49971 — can cause an out‑of‑bounds write when the driver reads the third element of a two‑element array; the upstream remedy is a simple, surgical change to increase the dummy_boolean array size from 2 to 3...
  15. Linux Kernel Fixes SJA1105 Memmove Out-of-Bounds (CVE-2025-22107)

    The Linux kernel received a targeted fix for an out‑of‑bounds memory access in the SJA1105 driver that surfaced as a KASAN warning in sja1105_table_delete_entry, tracked as CVE‑2025‑22107; upstream maintainers corrected the logic that drove an unsafe memmove so the driver no longer touches...
  16. Linux SMB Multichannel UAF CVE-2025-37750: Fixes and Mitigations

    A recently disclosed Linux-kernel vulnerability, tracked as CVE-2025-37750, is a kernel use‑after‑free (UAF) that can be triggered when SMB multichannel is used with encrypted transfers; the bug arises from reusing crypto AEAD state across channels and manifests as KASAN-detected slab UAFs...
  17. CVE-2025-8961: LibTIFF tiffcrop Memory Corruption Patch Explained

    A locally exploitable memory‑corruption bug in LibTIFF’s tiffcrop utility — tracked as CVE‑2025‑8961 — has been publicly documented and patched upstream, and the technical trail points to a double‑free and missing cleanup checks in tools/tiffcrop.c that can crash or corrupt memory when...
  18. CVE-2025-10158 rsync Receiver Out-of-Bounds Read Fixed Upstream

    A newly disclosed vulnerability in the widely used file-synchronization utility rsync — tracked as CVE-2025-10158 — allows a malicious rsync receiver to induce an out-of-bounds read of a heap buffer by exploiting a negative array index; the issue was fixed upstream in a small commit but remains...
  19. CVE-2025-9086: libcurl cookie path off-by-one read causes crashes and cookie override risk

    A silent boundary-check mistake in a widely used networking library has resurfaced a familiar security lesson: small parsing errors in C can still bite large ecosystems. In September 2025 the curl project disclosed CVE-2025-9086, an out-of-bounds read in cookie path handling inside libcurl that...
  20. CVE-2025-40266: Linux KVM ARM64 FF-A Memory Sharing Bounds Check Fix

    A new Linux kernel security entry, tracked as CVE‑2025‑40266, fixes a missing validation in KVM's ARM64 FF‑A memory‑sharing path that could allow an out‑of‑bounds access in the hypervisor when a deliberately large offset is supplied; the upstream remedy is a narrow bounds check added to...