UBUNTU-CVE-2026-46070

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...

CVE-2026-46070 md/raid5: validate payload size before accessing journal metadata

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...

CVE-2026-46070

CVE-2026-46070 pertains to the Linux kernel md/raid5 path where journal metadata blocks could be overrun due to missing validation of on-disk payload sizes. r5c_recovery_analyze_meta_block() and r5l_recovery_verify_data_checksum_for_mb() may read or offset beyond a page boundary when payload size...

PT-2026-43937

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5c recovery analyze meta block and r5l recovery verify data checksum for mb iterate over payloads in a journal metadata block using on-disk payload size fields...

CVE-2026-8686

Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users should upgrade to v5.0.1...

EUVD-2026-30581

Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users should upgrade to v5.0.1...

CVE-2026-8686

Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users should upgrade to v5.0.1...

PT-2026-41372

Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users should upgrade to v5.0.1...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

Security update for freerdp

This update for freerdp fixes the following issues: CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. CVE-2026-25952: Heap-use-after-free in xfSetWindowMinMaxInfo...

SUSE-SU-2026:1633-1 Security update for freerdp

This update for freerdp fixes the following issues: - CVE-2026-25941: Out-of-Bounds Read in client RDPGFX channel via crafted WIRETOSURFACE2 PDU bsc1258919. - CVE-2026-25942: Global-buffer-overflow in xfrailserverexecuteresult bsc1258920. - CVE-2026-25952: Heap-use-after-free in...

CLSA-2026-1776949767 squid: Fix of CVE-2021-28116

CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...

CLSA-2026-1776941204 squid: Fix of CVE-2021-28116

CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...

CLSA-2026-1776877737 squid: Fix of CVE-2021-28116

CVE-2021-28116: fix out-of-bounds read in WCCPv2 message parsing via stricter bounds validation of security, service, router, view, and capability items...

CVE-2026-31521

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

CVE-2026-31449

In the Linux kernel, the following vulnerability has been resolved: ext4: validate pidx bounds in ext4extcorrectindexes ext4extcorrectindexes walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing pathk.pidx-eiblock, there is no validation...

EUVD-2026-24629

Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0...

CVE-2026-6840

Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0...

CVE-2026-6840

CVE-2026-6840 describes missing bounds validation for an operator during model loading, enabling a out-of-range operator-code lookup. Affected versions are those prior to commit 1.30.0. The CVSS 3.1 base score is 5.5 (Medium) with Local attack vector, Low attack complexity, No privileges required...

CVE-2026-6840

Missing bounds validation for operator could allow out of range operator-code lookup during model loading Affected version is prior to commit 1.30.0...