9049 matches found
CVE-2026-23076
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
CVE-2026-23101
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to ledslist when it is fully ready Before this change the LED was added to ledslist before ledinitcore gets called adding it the list before ledclassdev.setbrightnesswork gets initialized. This leave...
UBUNTU-CVE-2026-23076
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
EUVD-2026-5441
In the Linux kernel, the following vulnerability has been resolved: leds: led-class: Only Add LED to ledslist when it is fully ready Before this change the LED was added to ledslist before ledinitcore gets called adding it the list before ledclassdev.setbrightnesswork gets initialized. This leave...
CVE-2026-23076 ALSA: ctxfi: Fix potential OOB access in audio mixer handling
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
CVE-2026-23076
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
EUVD-2026-5467
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
CVE-2026-23076
CVE-2026-23076 affects the Linux kernel ALSA ctxfi driver: a potential out-of-bounds access in the audio mixer handling due to using conj as a loop index and referencing it in amixer_index() and sum_index(). The issue stems from lack of proper re-initialization of conj, enabling OOB reads at ctam...
CVE-2026-23076 ALSA: ctxfi: Fix potential OOB access in audio mixer handling
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
CVE-2026-23076 ALSA: ctxfi: Fix potential OOB access in audio mixer handling
In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax CMS message with an oversized Initialization Vector IV when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated...
ROS-20260202-73-0043
A vulnerability in the dispc.c component of the Linux operating system kernel is related to memory initialization errors. Exploitation of the vulnerability could allow an attacker to gain access to sensitive data, compromise its integrity, and cause denial of service...
SUSE CVE-2026-23018
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...
GHSA-XMFJ-7PP5-FXR6 Llama Stack exposes secret in initialization log
Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...
Llama Stack exposes secret in initialization log
Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...
CVE-2026-25211
Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...
CVE-2026-25211
Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...
Security update for freerdp
This update for freerdp fixes the following issues: CVE-2025-4478: Fixed initialization of function pointers after resource allocations bsc1243109 CVE-2026-22851: Fixed RDPGFX ResetGraphics race leading to use-after-free in SDL client sdl-primary bsc1256717 CVE-2026-22852: Fixed...
CVE-2026-25211
Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...
CVE-2026-25211
Llama Stack aka llama-stack before 0.4.0rc3 does not censor the pgvector password in the initialization log...