GHSA-W5P8-4JCX-2J6R imageproc: integer overflow in kernel size check leads to out-of-bounds read

A bounds verification of a slice storage of a 2-dimensional matrix's coefficients a kernel would compare the total size against the product of individual dimensions. This would erroneously cast after the multiplication and consequently fail to detect possible violations when overflow occurs...

imageproc: integer overflow in kernel size check leads to out-of-bounds read

A bounds verification of a slice storage of a 2-dimensional matrix's coefficients a kernel would compare the total size against the product of individual dimensions. This would erroneously cast after the multiplication and consequently fail to detect possible violations when overflow occurs...

Astra Linux - уязвимость в linux-5.15, linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: acct: A potential integer overflow has been fixed in encodecompt. The integer overflow is described with the following code: c 317 static compt encodecomptu64 value 318 319 int exp, rnd; ...... 341 exp 342 exp += value; 343 retur...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: tee: added a overflow check in registershmhelper When special lengths are provided by the user space, registershmhelper may cause an integer overflow when calculating the number of pages covered by a given user space memory regio...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

A out-of-bounds read vulnerability was discovered in the NVMe-oF/TCP subsystem within the Linux kernel. This issue may allow a remote attacker to send a specially crafted TCP packet, triggering a heap-based buffer overflow. As a result, data from kmalloc will be printed, and it may also be leaked...

CVE-2026-31699 crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy CSR to userspace if PSP command failed When retrieving the PEK CSR, don't attempt to copy the blob to userspace if the firmware command failed. If the failure was due to an invalid length, i.e...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013642 advisory. In the Linux kernel, the following vulnerability has been resolved: fpga: prevent integer overflow in dflfeatureioctlsetirq The hdr.count sizeofs32 multiplication ca...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011365 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbdioctl arg...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007005)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007005 advisory. In the Linux kernel, the following vulnerability has been resolved: block: avoid possible overflow for chunksectors check in blkstacklimits In blkstacklimits, we che...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013346)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013346 advisory. In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012953)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012953 advisory. Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow. Tenable has...

Exploit for CVE-2026-4747

...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006585 advisory. In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: fix potential integer overflow on shift of a int The left shift of int 32 bit integ...

FreeBSD-SA-26:05.route

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:05.route Security Advisory The FreeBSD Project Topic: Local DoS and possible privilege escalation via routing sockets Category: core Module: route Announced:...

Important: nvlink5

Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...

Important: nvidia-imex

Issue Overview: NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of servic...

SUSE CVE-2025-33219

NVIDIA Display Driver for Linux contains a vulnerability in the NVIDIA kernel module where an attacker could cause an integer overflow or wraparound. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or informatio...

CVE-2025-33218

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys, where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or...

CVE-2025-33218

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys, where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or...

CVE-2025-33218

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer nvlddmkm.sys, where an attacker could cause an integer overflow. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, denial of service, or...