Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: netdevsim: A trailing zero was added to terminate the string in nsimnexthopbucketactivitywrite. This issue was identified by a static analyzer. We should not forget the trailing zero after copyfromuser if we will perform further...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Tracing: Consider the NULL character when validating the event length. The strlen function returns the length of a string, excluding the null byte. If the string length equals the maximum buffer length, there will be no space lef...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: Space has been reserved for null terminators in propertyEntry. The lists of struct propertyEntry are supposed to be terminated with an empty property. Currently, this driver seems to allocate exactly the amount of spa...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: vpvdpa: fixed the issue where the idtable array was not terminated with a null terminator. Also, an additional virtiodeviceid was allocated as a null terminator. Otherwise, vdpamgmtdevgetclasses might iterate multiple times an...

Astra Linux - уязвимость в ntp

In the mstolfp.c file within NTP 4.2.8p15, there is a buffer overflow vulnerability when a \0' character is added. An adversary may be able to attack a client ntpq process, but they cannot attack the ntpd process...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iio: fixed a potential out-of-bound write issue. The buffer is set to 20 characters. If a caller writes more characters, the count is truncated to the maximum available space in “simplewritetobuffer”. To prevent access by OoB,...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid out-of-boundary access in devs.path - touch /mnt/f2fs/012345678901234567890123456789012345678901234567890123 - truncate -s $102410241024 \ /mnt/f2fs/012345678901234567890123456789012345678901234567890123 -...

Astra Linux - уязвимость в netcdf

A issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxmldecode, when parsing a crafted XML file, performs incorrect memory handling. This results in an overflow of the heap-based buffer when strchr is called, starting with a pointer after a '\0' character where the processing of th...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Buffer validation was corrected by including the size of the null-terminating character in the EA length. The smb2setea function, which handles Extended Attributes EA, conducted buffer validation checks that incorrectly...

SUSE CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

CVE-2026-43082

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: leave space for null terminators on propertyentry Lists of struct propertyentry are supposed to be terminated with an empty property, this driver currently seems to be allocating exactly the amount of entry used. Chan...

PT-2026-37392

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The txgbe driver in the Linux kernel fails to allocate sufficient space for null terminators in lists of struct property entry. These lists are required to be terminated with an empty...

CVE-2026-31778

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

EUVD-2026-26627

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: ensure names are nul-terminated Reject names that lack a \0 character before feeding them to functions that expect c-strings. Fixes tag is the most recent commit that needs this change...

CVE-2026-43028

The CVE-2026-43028 vulnerability affects the Linux kernel netfilter x_tables component. The root cause is that certain names were not guaranteed to be nul-terminated before being passed to functions that expect C strings, which could lead to misprocessing, system instability, or hazardous behavio...

EUVD-2026-26591

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

CVE-2026-31778

Summary: CVE-2026-31778 affects the Linux kernel ALSA caiaq driver (init_card) and is caused by an off-by-one in a whitespace-stripping loop that copies a card id. The 16-byte local buffer can be filled without leaving space for the terminating null, causing a non-null-terminated string to be pas...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to ensure that names end with a null character in netfilter xtables, which could lead to undefined...