Lucene search
K

41 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:12 a.m.7 views

SUSE CVE-2026-53149

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Bound root directory content to block size tbpropertyparsedir does not check that contentoffset + contentlen fits within blocklen for the root directory case. When rootdir-length equals or exceeds blocklen - 2, the...

5.8AI score0.00126EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Fix handling of zero block length packets When connecting to a Linux host with CDCNCMNTBDEFSIZETX set to 65536, it was observed that we receive short packets, which occur at intervals of 5–10 seconds. These...

5.5CVSS6.2AI score0.0023EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/04/25 1:37 a.m.7 views

SUSE CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

6.1CVSS5.4AI score0.00129EPSS
Exploits0References4
NVD
NVD
added 2026/04/24 3:16 p.m.5 views

CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

7CVSS0.00129EPSS
Exploits0References12
OSV
OSV
added 2026/04/24 3:16 p.m.6 views

DEBIAN-CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

5.5CVSS5.2AI score0.00129EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 2:42 p.m.6 views

EUVD-2026-25510

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

5.3AI score0.00129EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/24 2:42 p.m.8 views

CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

5.5CVSS5.2AI score0.00129EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/04/24 2:42 p.m.16 views

CVE-2026-31617

CVE-2026-31617 in the Linux kernel Usb Gadget CDC-NCM path (f_ncm) allowed a host to supply a too-small NTB block_len, triggering an underflow in block_len - ndp_size/dpe_size checks and enabling memory exposure during skb_copy. The fix clamps block_len to only those values that can hold the NTB ...

7CVSS5.3AI score0.00129EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2026/04/24 2:42 p.m.33 views

CVE-2026-31617 usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb()

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

0.00129EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2026/04/24 2:42 p.m.5 views

CVE-2026-31617

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fncm: validate minimum blocklen in ncmunwrapntb The blocklen read from the host-supplied NTB header is checked against ntbmax but has no lower bound. When blocklen is smaller than opts-ndpsize, the bounds check of:...

7CVSS5.2AI score0.00129EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.12 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of the minimum block len in the ncmunwrapntb function. This vulnerabilit...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.6 views

PT-2026-34969

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ncm unwrap ntb function where the block len read from the host-supplied NTB header lacks a lower bound check. When block len is smaller than opts-ndp size, the...

9.8CVSS5.1AI score0.00525EPSS
Exploits0References400
OSV
OSV
added 2026/03/24 5:58 p.m.9 views

CLSA-2026-1774375084 libarchive: Fix of CVE-2026-4111

CVE-2026-4111: Fix infinite loop in RAR5 decompression caused by blocklength exceeding half the window size, leading to CPU-consuming denial-of-service...

7.5CVSS7.1AI score0.00693EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/02 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005545)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005545 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Fix handling of zero block length packets While connecting to a Linux host with...

5.5CVSS6.8AI score0.0023EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/02/16 12:25 a.m.10 views

SUSE CVE-2026-23197

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

5.5CVSS5.2AI score0.001EPSS
Exploits0References3
NVD
NVD
added 2026/02/14 5:15 p.m.41 views

CVE-2026-23197

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

5.5CVSS0.001EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/14 12:0 a.m.3 views

PT-2026-8205

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2C SMBUS BLOCK MAX, the length handler sets the state to IMX I2C STATE FAILED. However, i2c imx master isr...

5.2AI score0.001EPSS
Exploits0References3
OSV
OSV
added 2026/01/27 4:16 p.m.5 views

AZL-75272 CVE-2025-69418 affecting package openssl for versions less than 3.3.5-3

Issue summary: When using the low-level OCB API directly with AES-NI orother hardware-accelerated code paths, inputs whose length is not a multipleof 16 bytes can leave the final partial block unencrypted and unauthenticated.Impact summary: The trailing 1-15 bytes of a message may be exposed...

4CVSS5.6AI score0.00115EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/12/16 8:44 p.m.6 views

CVE-2025-67901

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p-rem and p-len is not checked...

5.3CVSS6.8AI score0.00243EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/14 11:50 p.m.29 views

CVE-2025-67901

openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSEGV by specifying a length of zero for block data, because the relationship between p-rem and p-len is not checked...

5.3CVSS0.00243EPSS
Exploits0References2
Rows per page
Query Builder