3417 matches found
Updated openvpn packages fix security vulnerabilities
The updated packages fix security vulnerabilities: Possible 1-byte buffer overrun on NTLMv2 proxy responses. CVE-2026-11771 Memory-leak in tls-crypt-v2 client key handling that could lead to out-of-memory situations and subsequent server crashes. CVE-2026-12932 Use-after-free bug in ackwritebuf,...
Security update for rpcbind (moderate)
openSUSE security update: security update for rpcbind ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:21019-1 Rating: moderate References: bsc1117217 bsc1181400 bsc1267212 Affected Products: openSUSE Leap 16.0...
CVE-2026-53298
A flaw was found in the Linux kernel's airoha network driver. An issue with early initialization of the ndesc variable in the airohaqdmainitrxqueue routine can lead to a NULL pointer dereference during cleanup. This can result in a Denial of Service DoS condition. Additionally, improper ordering ...
SUSE CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
DEBIAN-CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
UBUNTU-CVE-2026-53296
In the Linux kernel, the following vulnerability has been resolved: mailbox: mailbox-test: free channels on probe error On probe error, free the previously obtained channels. This not only prevents a leak, but also UAF scenarios because the client structure will be removed nonetheless because it...
UBUNTU-CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
CVE-2026-53298
In CVE-2026-53298, the Linux kernel airoha network driver is affected by a race in initialization: ndesc is initialized too early in airoha_qdma_init_rx_queue(), causing a NULL pointer dereference during cleanup if allocation fails. The documented fix moves ndesc initialization to the end of airo...
CVE-2026-53298
In the Linux kernel, the following vulnerability has been resolved: net: airoha: Move ndesc initialization at end of airohaqdmainitrxqueue If queue entry or DMA descriptor list allocation fails in airohaqdmainitrxqueue routine, airohaqdmacleanup will trigger a NULL pointer dereference running...
PT-2026-53019
Name of the Vulnerable Software and Affected Versions python-socketio versions prior to 5.16.2 Description The server stores binary EVENT and ACK messages in memory while awaiting their binary attachments. An attacker can trigger a memory exhaustion issue by submitting a binary message and...
PT-2026-52937
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the airoha qdma init rx queue function when queue entry or DMA descriptor list allocation fails. This happens because the ndesc variable is initializ...
CVE-2026-6432 Improper bounds validation in EmberZNet SDK
Improper bounds validation in EmberZNet SDK versions 9.0.2 and earlier may result in crashes or dynamic memory leakage...
EUVD-2026-38981
In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Wifi: rtl818x: Fixed potential memory leaks in rtl8180initrxring In rtl8180initrxring, memory is allocated for skb packets and DMA allocations within a loop. When an allocation fails, the previously successful allocations are not...
Astra Linux – Vulnerability in imagemagick
ImageMagick is free and open-source software used for editing and manipulating digital images. Before versions 7.1.2-15 and 6.9.13-40, msl.c sometimes failed to update the stack index. As a result, an image might be stored in the wrong slot and never freed upon an error, leading to leaks. Version...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: Platform/x86: toshibahaps: Fixed memory leaks in the add/remove routines. - toshibahapsadd leaks the haps object allocated by it if an error occurs after successfully allocating that object. - toshibahapsremove does not free t...
PT-2026-52007
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the ath11k wifi driver during beacon template setup. The functions ath11k mac setup bcn tmpl ema and ath11k mac setup bcn tmpl mbssid allocate memory for beacon...
USN-8461-1 linux-azure vulnerabilities
It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...
OPENSUSE-SU-2026:21019-1 Security update for rpcbind
This update for rpcbind fixes the following issues - Update to rpcbind 1.2.9 bsc1267212 https://lore.kernel.org/linux-nfs/[email protected]/ rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist rpcbind: Stop unauthenticated oversized allocation in PMAPPROCCALLIT...
SUSE-SU-2026:22259-1 Security update for rpcbind
This update for rpcbind fixes the following issues - Update to rpcbind 1.2.9 bsc1267212 https://lore.kernel.org/linux-nfs/[email protected]/ rpcinfo: stack buffer overflow in rpcinfo rpcbaddrlist rpcbind: Stop unauthenticated oversized allocation in PMAPPROCCALLIT...