CVE-2026-45250

CVE-2026-45250 concerns a stack buffer overflow in the FreeBSD kernel arising from setcred(2). The unprivileged user can trigger a copyin into a fixed-size kernel-stack array before validating the number of supplementary groups, causing a stack overflow when the list is large. This allows an unpr...

CVE-2026-45250 Stack buffer overflow via setcred(2)

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

EUVD-2026-31252

The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capaci...

FreeBSD -- Stack buffer overflow via setcred(2)

Problem Description: The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied li...

FreeBSD Security Advisory - FreeBSD-SA-26:18.setcred

FreeBSD Security Advisory - The setcred2 system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15

A flaw was discovered in the exFAT driver of the Linux kernel. The vulnerability resides in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long...

CVE-2026-23276

A flaw was found in the Linux kernel. When a bond device in broadcast mode has Generic Routing Encapsulation GRE tap interfaces configured as slaves, and these GRE tunnels are routed back through the bond, multicast or broadcast network traffic can trigger an infinite recursion. This recursion...

Linux Distros Unpatched Vulnerability : CVE-2026-23276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in...

CVE-2025-70616

Vulnerability: CVE-2025-70616 affects the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0). The IOCTL handler 0x80102058 copies user-supplied Options into a 40-byte stack buffer (Src[40]) without proper bounds checking, via memmove, enabling a stack-based buffer overflow. An attacker w...

SUSE CVE-2025-68361

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

EUVD-2025-205093

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

UBUNTU-CVE-2025-68361

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

CVE-2025-68361 erofs: limit the level of fs stacking for file-backed mounts

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

CVE-2025-68361

CVE-2025-68361 relates to the Linux kernel's EROFS file system. The issue is addressed by a patch that limits the level of file-backed filesystem stacking, mitigating a potential kernel stack overflow (for example, when EROFS mounts itself). The connected documents consistently describe the fix i...

CVE-2025-68361 erofs: limit the level of fs stacking for file-backed mounts

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unrestricted number of filesystem stack layers, which could lead to a kernel stack overflow...

PT-2025-52897

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the erofs filesystem. Specifically, the issue involves insufficient limitations on filesystem stacking for file-backed mounts, potentially...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-42094)

net/iucv: explicit cpumask var allocation on stack For CONFIGCPUMASKOFFSTACK=y kernel, explicit allocation of cpumask variable on stack can cause potential stack overflow. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

EUVD-2009-2899

Malware in sbrugna...

PT-2025-41099

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc2-00320-g1f5abbd77e2c Description A stack overflow can occur due to the rcu irq enter check tick function being probed. Registering a kprobe on this function can lead to a kernel stack overflow when CONFI...