Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: nvme-core: fixed a memory leak in dhchapsecretstore Free the dhchapsecret in nvmectrldhchapsecretstore before returning. Fixed the following kmemleak: Unreferenced object 0xffff8886376ea800 size 64: Command "check", PID 22048,...

CVE-2026-50211 Exposed Factory Testing App Boundaries

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

CVE-2026-50211

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

EUVD-2026-34223

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

CVE-2026-50211 Exposed Factory Testing App Boundaries

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers...

CVE-2026-50211

Technical details about CVE-2026-50211 are not publicly provided in the supplied documents. Monitor for updates as additional data may reveal affected products, root cause, and mitigations.

Acer M6E 安全漏洞

The Acer M6E is a portable 5G mobile hotspot device from Acer, a company based in Taiwan, China. The Acer M6E has a security vulnerability, which stems from legacy engineering designs and factory-level diagnostic software. This vulnerability may allow malicious applications to gain access to the...

PT-2026-46163

Name of the Vulnerable Software and Affected Versions Acer Connect M6E 5G Portable WiFi Router affected versions not specified Description Engineering diagnostics and factory-level diagnostic software are exposed on retail builds. This allows malicious applications to obtain write privileges to...

EUVD-2026-34045

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...

Linux Distros Unpatched Vulnerability : CVE-2026-46141

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/xive: fix kmemleak caused by incorrect chipdata lookup The kmemleak reports the following memory leak: Unreferenced object 0xc0000002a7fbc640 size 64:...

CVE-2026-10719 Open Seachest/Seachest NVMe show Format Descriptors Vulnerability

Out of bounds write in openSeaChest’s --showSupportedFormats in Seagate’s openSeaChest v25.05.3 on all supported platforms allows for writing 1 extra byte outside of allocated memory which sets a value to 1 via a maliciously crafted NVMe device with a bogus value in the namespace FLBAS byte...

PT-2026-45877

Name of the Vulnerable Software and Affected Versions openSeaChest version 25.05.3 Description An out-of-bounds write exists in the --showSupportedFormats command. This occurs when a maliciously crafted NVMe device provides a bogus value in the namespace FLBAS byte, allowing one extra byte to be...

CVE-2026-46141

A flaw was found in the Linux kernel's powerpc/xive interrupt controller. This vulnerability, identified as a kernel memory leak kmemleak, occurs when allocating Message Signaled Interrupts eXtended MSI-X vectors for NVMe devices. Due to an incorrect lookup of interrupt data, the xiveirqdata...

EUVD-2026-32864

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...

CVE-2026-46105 scsi: mpt3sas: Limit NVMe request size to 2 MiB

In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Limit NVMe request size to 2 MiB The HBA firmware reports NVMe MDTS values based on the underlying drive capability. However, because the driver allocates a fixed 4K buffer for the PRP list, accommodating at most 5...

CVE-2026-46105

CVE-2026-46105 affects the Linux kernel mpt3sas SCSI driver. The driver allocates a fixed 4K PRP list buffer, which caps the maximum NVMe I/O transfer size at 2 MiB. The HBA firmware reports NVMe MDTS, but the mismatch with the 2 MiB limit can lead to oversized I/O requests and potentially a kern...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an improper limit on NVMe request sizes in the mpt3sas driver. This vulnerability may lead to...

hdd-toolkit

HDD Firmware Toolkit A comprehensive Python toolkit for dumpi...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the nvmepollirqdisable function within nvme-pci. This vulnerability may lead ...

USN-8244-1 linux, linux-aws, linux-aws-6.17, linux-gcp, linux-gcp-6.17, linux-hwe-6.17, linux-oracle, linux-realtime, linux-realtime-6.17 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - NVME drivers; - Netfilter; CVE-2026-23112, CVE-2026-23231, CVE-2026-23273...