Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still encounter this issue with gcc-9: In the file included from include/linux/string.h:254, from...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ovl: Use the “buf” flexible array as the destination for memcpy. The “buf” flexible array must be used as the destination for memcpy to avoid false positive run-time warnings caused by the recent FORTIFYSOURCE hardening measures:...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: kheaders: Use an array declaration instead of a char. Under CONFIGFORTIFYSOURCE, memcpy will check the size of the destination and source buffers. Defining kernelheadersdata as “char” would trigger this check. Since these address...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The crash in timerlatdumpstack has been fixed. We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 bytes written to a buffer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE, we are performing compile-time and run-time field bounds checking for memcpy, memmove, and memset. Avoid intentionally writing across neighboring fields...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/mlx5: Fixed an issue where a source warning occurred when accessing the Eth segment. ------------ Cut here ------------ memcpy: A field-spanning write was detected size 56 for the single field “eseg-inlinehdr.start” at...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is provided. In any case,...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: Bounds check for struct nfctarget arrays While running with CONFIGFORTIFYSOURCE=y, syzkaller reported the following issue: memcpy: A field-spanning write was detected size 129 of the single field “target-sensfres” at...

SUSE CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

DEBIAN-CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

EUVD-2026-35423

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

samba security update

4.19.4-16.0.1 - s3: winbindd: winbinddpam: fix leak in extractpacvrfysigs Orabug: 36518285 - s3:passdb: Do not leak memory in pdbtdb Orabug: 36371377 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.19.4-16 - resolves: RHEL-156322 - Fix...

CVE-2026-46149

A flaw was found in the Linux kernel's SCSI target subsystem. This vulnerability, a buffer overflow, occurs in the tgptgpmembersshow function when processing long iSCSI IQN names. An attacker could potentially exploit this by providing a specially crafted input, leading to the disclosure of...

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

UBUNTU-CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

Summary: CVE-2026-46149 affects the Linux kernel SCSI target subsystem, specifically the configfs path in tg_pt_gp_members_show(). The function formats LUN paths with snprintf() into a 256-byte stack buffer and then copies cur_len bytes via memcpy(), but snprintf() may return a length that exceed...

PT-2026-44272

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow occurs in the target tg pt gp members show function when formatting LUN paths using snprintf into a 256-byte stack buffer. Because iSCSI IQN names can reach 223 bytes,...