54 matches found
EUVD-2026-31397
A malicious SSH peer could send unsolicited global request responses to fill an internal buffer, blocking the connection's read loop. The blocked goroutine could not be released by calling Close, resulting in a resource leak per connection. Unsolicited global responses are now discarded...
Astra Linux - уязвимость в linux, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: usb:typec:tipd: The WARNON message in tps6598xblockread has been removed. Calling tps6598xblockread with a parameter length greater than allowed can be handled by simply returning an error. There is no need to cause system crashe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ntfs: Set a dummy block size to “read bootblock” when mounting. During mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a dummy block size before attempting to read the bootblock. The...
CVE-2026-43005
In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...
EUVD-2026-19958
Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...
Linux Distros Unpatched Vulnerability : CVE-2026-28386
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 byt...
EUVD-2026-5847
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...
PT-2026-8205
In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2C SMBUS BLOCK MAX, the length handler sets the state to IMX I2C STATE FAILED. However, i2c imx master isr...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38425)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38425 advisory. - In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001704)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001704 advisory. In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if...
CVE-2025-71067 ntfs: set dummy blocksize to read boot_block when mounting
In the Linux kernel, the following vulnerability has been resolved: ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a dummy blocksize before attempting to read the bootblock. The issue can...
CVE-2025-71067
The CVE-2025-71067 vulnerability affects the Linux kernel NTFS mounting path where sb->s_blocksize can remain zero when the block size of the block device exceeds PAGE_SIZE, causing ntfs_init_from_boot() to read the boot_block with an undefined/zero blocksize. The issue is triggered during mou...
Linux Distros Unpatched Vulnerability : CVE-2025-71067
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs: set dummy blocksize to read bootblock when mounting When mounting, sb-sblocksize is used to read the bootblock without being defined or validated. Set a...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989159)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989159 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Remove WARNON in tps6598xblockread Calling tps6598xblockread with a higher than...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue reading if the message length passed from the device is ‘0’ or greater than the maximum allowed bytes...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986543)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986543 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: typec: tipd: Remove WARNON in tps6598xblockread Calling tps6598xblockread with a higher than...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414475)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414475 advisory. In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if...
EUVD-2025-22660
Malicious code in bioql PyPI...
i2c: tegra: check msg length in SMBUS block read
...
Linux Distros Unpatched Vulnerability : CVE-2022-48747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: Fix wrong offset in biotruncate biotruncate clears the buffer outside of last block of bdev, however current biotruncate is using the wrong offset of pag...