1157 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53343
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 ARM: 9430/1: entry: Do a dummy read from VMAP shadow added a dummy read from t...
UBUNTU-CVE-2026-53346
In the Linux kernel, the following vulnerability has been resolved: rust: arm64: set uwtable llvm module flag for CONFIGUNWINDTABLES Due to a rustc bug 1 the -Cforce-unwind-tables=y flag only emits the uwtable annotation for functions, but not for the module. This means that compiler-generated...
EUVD-2026-40977
In the Linux kernel, the following vulnerability has been resolved: ARM: 9475/1: entry: use byte load for KASAN VMAP stack shadow Commit 44e9a3bb76e5 "ARM: 9430/1: entry: Do a dummy read from VMAP shadow" added a dummy read from the KASAN VMAP stack shadow in switchto. The read uses ldr, but the...
EUVD-2026-40884
UltraVNC viewer through 1.8.2.2 contains an integer overflow leading to a heap buffer overflow in the RFB protocol failure-response parsing path. In vncviewer/ClientConnection.cpp, the 4-byte network-supplied reasonLen field type CARD32 is passed as reasonLen+1 to CheckBufferSize. Because both...
EUVD-2026-38870
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: lpass: Fix for KASAN use-after-free out of bounds. When we run syzkaller, we encounter an Out of Bounds error. “KASAN: slab-out-of-bounds Read in regcacheflatread.” The issue’s backtrace is as follows: BUG: KASAN:...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fixed a memory out-of-bounds issue when numconfigs is 1. The configuration passed in by padwakeup is set to 1 when numconfigs is 1. In this case, Configuration 1 should not be retrieved, which will be detected...
Astra Linux – Vulnerability in wavpack
A null pointer dereference bug was found in wavpack-5.4.0. Results from the ASAN log: AddressSanitizer:DEADLYSIGNAL ===================================================================84257==ERROR: AddressSanitizer: SEGV at an unknown address 0x000000000000 pc 0x561b47a970c6, bp 0x7fff13952fb0, sp...
Astra Linux – Vulnerabilities in Firefox, LibWebP, Thunderbird
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode function and loop through to free the best.bw file, assigning the best pointer to trial. The second loop will then return 0 due to a memory out-of-memory error in the VP8 encoder; the pointer remai...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: mm: krealloc: Fixed an MTE false alarm in dokrealloc. This patch addresses an issue introduced by commit 1a83a716ec233, which caused MTE Memory Tagging Extension to falsely report a slab-out-of-bounds error. The problem occurs wh...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the sdlPointerNew function freed memory upon failure. However, after that function called sdlPointerFree to free the memory again, it triggered a Universal Address Fault UAF condition. This vulnerability has...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: crypto: arm64/poly1305 – fixed a read out-of-bound issue. A KASAN error was reported during fuzzing: BUG: KASAN: slab-out-of-bounds in neonpoly1305blocks.constprop.0+0x1b4/0x250 poly1305neon Read of size 4 at addr...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: zloop: Fixed the KASAN use-after-free of the tagset. When a zloop device is removed, the KASAN-enabled kernel reports a “BUG KASAN use-after-free” in the blkmqfreetagset function. This bug occurs because zloopctlRemove calls...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: usb: mtu3: Fix for the listhead check warning caused by uninitialization of listhead. This issue is due to the lack of initialization of listhead. BUG: KASAN: Use-after-free in listdelentryvalid+0x34/0xe4. Call trace:...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fixed a stack-out-of-bounds issue in strncpy “BUG: KASAN: Stack-out-of-bounds in strncpy+0x30/0x68” The Linux-ATF interface uses 16 bytes of SMC payload. If the clock name is longer than 15 bytes, the string...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated The message passed to netconsole from the console subsystem is not guaranteed to be nul-terminated. Before the recent commit 7eab73b18630 “netconsole: convert to NBCON consol...
EUVD-2026-37712
A stack-based buffer overflow exists in the rawtoheader function in src/microtar.c in rxi microtar 0.1.0. The function copies the 100-byte name and linkname fields of a TAR header with strcpy without guaranteeing null termination of the source. The POSIX ustar format permits these fixed-width...
PT-2026-47704
A remote, unauthenticated BLE peer can trigger a 2-byte out-of-bounds write in the Bluetooth host during L2CAP LE CoC SDU reassembly. When the application enables segmentation via chan ops.alloc buf and the chosen RX pool has a user data size smaller than 2 bytes, the segmentation counter stored ...
EulerOS Virtualization 2.12.0 : libpng (EulerOS-SA-2026-2104)
According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in libpng 1.6.43-1.6.46 allows a local attacker to cause a denial of service via pngcreatereadstruct...
CVE-2026-0052
In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...