309 matches found
DEBIAN-CVE-2026-53283
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...
CVE-2026-53283
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...
CVE-2026-53182
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...
UBUNTU-CVE-2026-53182
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...
CVE-2026-53186
CVE-2026-53186 affects the Linux kernel SRP path in RDMA: the SRP_RSP data length (resp_data_len) is not bounded by the actual received bytes, risking an out-of-bounds read when processing sense data. The copy is capped to 96 bytes, but the source offset can point far past the received data, pote...
CVE-2026-53182
CVE-2026-53182 affects the Linux kernel nl80211: rejects oversized EMA RNR lists in nl80211_parse_rnr_elems, using a u8 counter and capping at 255 to align with the underlying data structure. Several advisories (Red Hat, Debian family, Ubuntu OSV entries, and Root) confirm patches are released in...
CVE-2026-53182 wifi: nl80211: reject oversized EMA RNR lists
In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...
SUSE-SU-2026:22355-1 Security update for libgcrypt
This update for libgcrypt fixes the following issue - CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing bsc1262693...
SUSE-SU-2026:22270-1 Security update for libgcrypt
This update for libgcrypt fixes the following issue - CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing bsc1262693...
OPENSUSE-SU-2026:21047-1 Security update for libgcrypt
This update for libgcrypt fixes the following issue - CVE-2026-41990: lack of bound check can lead to mishandling of Dilithium signing bsc1262693...
CVE-2026-49295
libde265 is an open source implementation of the h.265 video codec. Prior to version 1.0.20, a crafted H.265 bitstream can cause an out-of-bounds array write in decodercontext::processreferencepictureset libde265/decctx.cc:1376. The root cause is a missing aggregate bound check on predicted...
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug was triggered within the decodedeliverreport function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: jfs: fixed an array-index-out-of-bounds issue in dbAdjTree. Currently, there is a missing bounds check when accessing the dmtstree within dbAdjTree. To address this issue, a boolean variable named “isctl” was added. This variable...
Astra Linux – Vulnerability in ofono
A flaw was discovered in ofono, an open-source telephony software for Linux. A stack overflow bug occurs within the decodedeliver function during SMS decoding. It is assumed that the attack scenario can be executed from a compromised modem, a malicious base station, or simply through SMS. There i...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: HID: mcp2221: prevented a buffer overflow in mcpsmbuswrite Match Warning: drivers/hid/hid-mcp2221.c:388 mcpsmbuswrite error: memcpy ‘&mcp-txbuf5’ is too small 59 vs 255 drivers/hid/hid-mcp2221.c:388 mcpsmbuswrite error: memcpy...
UBUNTU-CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-36499
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
EUVD-2026-34317
A missing upper-bound check in the udpifsetthreads function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service DoS via resource exhaustion...
CVE-2026-36499
Open vSwitch v3.6.90 contains a missing upper-bound check in udpif_set_threads(); with OVSDB write access, an attacker can request excessive handler/revalidation threads, causing DoS via resource exhaustion. Documented across NVD entries and vuln lists; exploitation status is not detailed in the ...