57 matches found
SUSE CVE-2026-46001
In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...
CVE-2026-46001
In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...
UBUNTU-CVE-2026-46001
In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...
CVE-2026-46001
In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...
EUVD-2026-32297
In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...
CVE-2026-46001
hwmon: pt5161l Fix bugs in pt5161lreadblockdata...
PT-2026-43868
In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161l read block data Fix two bugs in pt5161l read block data: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2c smbus read block data can return up to I2C SMBUS BLOCK MAX 32...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fixed array access with zero-length block reads. i2csmbusreadblockdata can return 0, indicating a zero-length read. In such cases, tps53679identifychip accesses bufret - 1, which is actually buf-1. This results in...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limits the number of bytes that can be read from I2C to I2CSMBUSBLOCKMAX. The commit effa453168a7 "i2c: i801: Do not silently correct invalid transfer size" revealed that ee1004eepromread does not properly limit t...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
CVE-2026-43005 hwmon: (tps53679) Fix array access with zero-length block read
In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...
CVE-2026-23197
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
CVE-2026-23197
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
CVE-2026-23197
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
CVE-2026-23197 i2c: imx: preserve error state in block data length handler
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
CVE-2026-23197
The CVE-2026-23197 issue affects the Linux kernel i2c_imx driver: when a block read returns an invalid length (not in range), the length handler sets IMX_I2C_STATE_FAILED, but i2c_imx_master_isr() overwrites it with IMX_I2C_STATE_READ_CONTINUE, causing an endless read loop that overruns buffers a...
CVE-2026-23197 i2c: imx: preserve error state in block data length handler
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
Linux Distros Unpatched Vulnerability : CVE-2026-23197
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001091)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001091 advisory. The xenbiovecphysmergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain...
PT-2025-51180
openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p-rem and p-len is not checked...