CVE-2026-53015

In the Linux kernel’s EROFS code, the lcn field was typed as unsigned long (or unsigned int), which is 32-bit on 32-bit platforms, causing (lcn <

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed potential integer multiplication overflow errors. When multiplying values of different types, an overflow can occur even when storing the result in a larger type. This happens because the conversion is perform...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Do not cause overflow in the peek function. When we started assigning new inode numbers to most of the 64-bit inode space, it triggered some edge-case bugs, particularly some integer overflows related to...

Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: A 64-bit variable is used to avoid 32-bit overflow. For example, in the expression: vbo = 2 vbo + skip...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm: zynqmpdp: Fixed integer overflow in zynqmpdprateget This patch addresses a potential integer overflow in zynqmpdprateget. The issue arises when the expression drmdpbwcodetolinkratedp-test.bwcode 10000 is evaluated using...

Linux Distros Unpatched Vulnerability : CVE-2026-34180

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer...

2026-06 .NET 9.0.17 Security Update for x64 Client (KB5097150)

2026-06 .NET 9.0.17 Security Update for x64 Client KB5097150...

CVE-2026-34180 Heap Buffer Over-read in ASN.1 Content Parsing

Issue summary: Parsing a crafted DER-encoded ASN.1 structure with a primitive element whose content exceeds 2 gigabytes in length may cause a heap buffer over-read on 64-bit Unix and Unix-like platforms. Impact summary: The heap buffer over-read may crash the application Denial of Service or to...

PT-2026-47829

Name of the Vulnerable Software and Affected Versions OpenSSL affected versions not specified Description An integer truncation in the ASN.1 decoder occurs when parsing a crafted DER-encoded ASN.1 structure with a primitive element exceeding 2 gigabytes in length. This issue specifically affects...

Microsoft Office LTSC 2024 缓冲区错误漏洞

Microsoft Office is a suite of office software products developed by Microsoft Corporation in the United States. Common components of this product include Word, Excel, Access, PowerPoint, and FrontPage. There are security vulnerabilities in Microsoft Office. Attackers can exploit these...

Linux Distros Unpatched Vulnerability : CVE-2026-46190

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mtd: spi-nor: debugfs: fix out-of-bounds read in spinorparamsshow Sashiko noticed an out-of-bounds read 1. In spinorparamsshow, the snorfnames array is passed t...

UBUNTU-CVE-2026-46006

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix u32 overflow in pushbuf reloc bounds check nouveaugempushbufrelocapply validates each relocation with if r-relocbooffset + 4 nvbo-bo.base.size but relocbooffset is u32 uapi/drm/nouveaudrm.h and the integer litera...

CVE-2026-39834

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

CVE-2026-39834

CVE-2026-39834 concerns a flaw in golang.org/x/crypto/ssh where writing data larger than 4GB in a single Write on an SSH channel triggers an integer overflow in the internal payload size calculation. The overflow causes the write loop to spin indefinitely, sending empty packets and making no prog...

PT-2026-42713

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An integer overflow occurs during the internal payload size calculation when writing data exceeding 4GB in a single Write call on an SSH channel. This leads to a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Harden depth calculation functions A vulnerability was identified where the operating system can pass in U32MAX as the size of SQ/RQ/SRQ. This can lead to integer overflow and truncation of the SQ/RQ/SRQ depth values...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fixed a potential out-of-bounds read in iommummioshow. In iommummiowrite, the user-provided offset is validated using the check: iommu-dbgmmiooffset iommu-mmiophysend - 4. This assumes a 4-byte access. However, the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: dm mirror log: The bitsetsize is rounded up to BITSPERLONG. The code in dm-log rounds up bitsetsize to 32 bits. Then, it uses findnextzerobitle on the allocated region. findnextzerobitle accesses the bitmap using unsigned long...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevented overflow during the calculation of wait time. There is a problem identified during code review in tgwithinbpslimit; the expression ‘bpslimit jiffyelapsedrnd’ might cause an overflow. This issue can be fixe...