OSV-2026-882 Null-dereference READ in cram_decoder_init

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520827587 Crash type: Null-dereference READ Crash state: cramdecoderinit cramdecodecompressionheader cramnextslice...

SUSE CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

UBUNTU-CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

EUVD-2026-32471

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

CVE-2026-46088

The CVE-2026-46088 entry concerns the Linux kernel ALSA control code. The issue occurs in snd_ctl_elem_init_enum_names() as it advances a pointer through a names buffer while decrementing buf_len; when buf_len hits zero but items remain, a subsequent strnlen(p, 0) could be triggered. Fortify chec...

CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

PT-2026-47120

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=516422427 Crash type: Heap-buffer-overflow READ 1 Crash state: ihevcd sao shift ctb ihevcd process ihevcd parse slice data...

PT-2026-43956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the ALSA control component within the snd ctl elem init enum names function. The function advances a pointe...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: virtiofs: added a check for the filesystem context source name In certain scenarios, for example during fuzz testing, the source name may be NULL, which could lead to a kernel panic. Therefore, an additional check for the source...

SUSE CVE-2026-43267

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential zero beacon interval in beacon tracking During fuzz testing, it was discovered that bssconf-beaconint might be zero, which could result in a division by zero error in subsequent calculations. Set a...

ARIstoteles -- Dissecting Apple's Baseband Interface

Wireless chips and interfaces expose a substantial remote attack surface. As of today, most cellular baseband security research is performed on the Android ecosystem, leaving a huge gap on Apple devices. With iOS jailbreaks, last-generation wireless chips become fairly accessible for performance...

UBUNTU-CVE-2026-23265

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...

OSV-2026-357 Heap-buffer-overflow in _cupsRasterAddError

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=489911024 Crash type: Heap-buffer-overflow WRITE 3 Crash state: cupsRasterAddError cupsRasterExecPS fuzzcups.c...

OSV-2026-338 Use-of-uninitialized-value in pjsip_auth_clt_init_req

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=488721002 Crash type: Use-of-uninitialized-value Crash state: pjsipauthcltinitreq fuzz-sip.c fuzz-sip.c...

OSV-2026-272 Heap-use-after-free in vcardproperty_get_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=485932113 Crash type: Heap-use-after-free READ 8 Crash state: vcardpropertygetvalue vcardpropertygetversion parsevcard...

EUVD-2024-53820

Malicious code in bioql PyPI...

EUVD-2022-6504

Malicious code in bioql PyPI...

EUVD-2023-43736

Malicious code in bioql PyPI...

UBUNTU-CVE-2022-50407

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - increase the memory of local variables Increase the buffer to prevent stack overflow by fuzz test. The maximum length of the qos configuration buffer is 256 bytes. Currently, the value of the 'val buffer' i...

CVE-2023-53439 net: skb_partial_csum_set() fix against transport header magic value

In the Linux kernel, the following vulnerability has been resolved: net: skbpartialcsumset fix against transport header magic value skb-transportheader uses the special 0xFFFF value to mark if the transport header was set or not. We must prevent callers to accidentaly set skb-transportheader to...