477 matches found
EUVD-2026-18749
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...
CVE-2026-23474
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...
UBUNTU-CVE-2026-23474
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...
CVE-2026-23474
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...
CVE-2026-23474
CVE-2026-23474 concerns a Linux kernel issue related to RedBoot partition table parsing that could trigger a buffer overflow when Fortify-derived checks mis-handle dynamic allocation sizing. The connected OSV/Nessus data indicate this vulnerability has been addressed in multiple distros via patch...
CVE-2026-23474
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...
CVE-2026-23474 mtd: Avoid boot crash in RedBoot partition table parser
In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...
PT-2026-30168
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0 Description The Linux kernel contains a flaw in the RedBoot partition table parser. When CONFIG FORTIFY SOURCE is enabled and a recent compiler is used, a buffer overflow can occur during the parsing...
UBUNTU-CVE-2026-23059
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...
CVE-2026-23059
In the Linux kernel CVE-2026-23059, the vulnerable code paths are in Scsi qla2xxx logic, specifically qla27xx_copy_fpin_pkt() and qla27xx_copy_multiple_pkt(). The frame_size reported by firmware could exceed the 64-byte iocb member in struct purex_item, causing cross-boundary memcpy writes and Fo...
EUVD-2026-5485
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...
Here’s the Company That Sold DHS ICE’s Notorious Face Recognition App
Immigration agents have used Mobile Fortify to scan the faces of countless people in the US—including many citizens...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005018)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005018 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE performing compile-ti...
SUSE CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
SUSE CVE-2025-71128
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...
CVE-2025-71128
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...
CVE-2025-71128
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...
UBUNTU-CVE-2025-71128
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...
CVE-2025-71123
In the Linux kernel, the following vulnerability has been resolved: ext4: fix string copying in parseapplysbmountoptions strscpypad can't be used to copy a non-NUL-term string into a NUL-term string of possibly bigger size. Commit 0efc5990bca5 "string.h: Introduce memtostr and memtostrpad" provid...
CVE-2025-71128
In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...