
395 matches found

OSV
added 2026/03/25 10:26 a.m., 4 views

CVE-2026-23285 drbd: fix null-pointer dereference on local read error

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error. In drbd_request_endio(), READ_COMPLETED_WITH_ERROR is passed to __req_mod() with a NULL peer_device: __req_mod(req, what, NULL, &m); The READ_COMPLETED_WITH_ERROR handler then unconditionally...

CVSS 5.5 | AI score 5.7 | EPSS 0.00018
Exploits: 0 | References: 8
Cvelist
added 2026/03/25 10:26 a.m., 16 views

CVE-2026-23285 drbd: fix null-pointer dereference on local read error

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error. In drbd_request_endio(), READ_COMPLETED_WITH_ERROR is passed to __req_mod() with a NULL peer_device: __req_mod(req, what, NULL, &m); The READ_COMPLETED_WITH_ERROR handler then unconditionally...

EPSS 0.00018
Exploits: 0 | References: 5
Debian CVE
added 2026/03/25 10:26 a.m., 2 views

CVE-2026-23285

In the Linux kernel, the following vulnerability has been resolved: drbd: fix null-pointer dereference on local read error. In drbd_request_endio(), READ_COMPLETED_WITH_ERROR is passed to __req_mod() with a NULL peer_device: __req_mod(req, what, NULL, &m); The READ_COMPLETED_WITH_ERROR handler then unconditionally...

CVSS 5.5 | AI score 5.2 | EPSS 0.00018
Exploits: 0
Tenable Nessus
added 2026/03/25 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2026-23285

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drbd: fix null-pointer dereference on local read error. In drbd_request_endio(), READ_COMPLETED_WITH_ERROR is passed to __req_mod() with a NULL peer_device: __req_mod(req, what,...

CVSS 5.5 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | References: 2
OSV
added 2026/03/20 9:16 a.m., 1 views

UBUNTU-CVE-2026-33069

PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below have a cascading out-of-bounds heap read in pjsip_multipart_parse(). After boundary string matching, curptr is advanced past the delimiter without verifying it has not reached the buffer end. This...

CVSS 7.5 | AI score 6 | EPSS 0.00049
Exploits: 0 | References: 4
CVE
added 2026/03/13 5:42 p.m., 25 views

CVE-2026-31897

CVE-2026-31897 affects FreeRDP prior to 3.24.0, where an out-of-bounds read occurs in freerdp_bitmap_decompress_planar when SrcSize is 0. The function dereferences srcp (pointing to pSrcData) without verifying SrcSize >= 1, causing a read one byte past the end of the source buffer if pSrcData ...

CVSS 9.1 | AI score 5.8 | EPSS 0.00058
Exploits: 1 | References: 2 | Affected Software: 1
Snyk
added 2026/03/10 9:2 p.m., 2 views

Out-of-bounds Read

Overview: Magick.NET-Q8-x64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs (https://github.com/dlemstra/Magick.NET/tree/main/docs). Affected versions of this package are...

CVSS 8.2 | AI score 5.8 | EPSS 0.00024
Exploits: 0 | References: 2
Vulnrichment
added 2026/03/10 5:53 p.m., 2 views

CVE-2026-30984 iccDEV has a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence()

iccDEV provides a set of libraries and tools for working with ICC color management profiles. Prior to 2.3.1.5, there is a heap out-of-bounds read in CIccCalculatorFunc::ApplySequence causing an application crash. This vulnerability is fixed in 2.3.1.5...

CVSS 6.1 | AI score 5.8 | EPSS 0.00015
Exploits: 0 | References: 4
EUVD
added 2026/02/27 10:4 p.m., 4 views

EUVD-2026-9088

Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim's terminal emulator when processing maximum combining characters from Unicode supplementary planes. Version 9.2.0076 fixes the issue...

CVSS 4.4 | AI score 6.1 | EPSS 0.00006
Exploits: 0 | References: 3
SUSE CVE
added 2026/02/27 12:25 a.m., 3 views

SUSE CVE-2026-25942

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, xf_rail_server_execute_result() indexes the global error_code_names[] array (7 elements, indices 0-6) with an unchecked execResult->execResult value received from the server, allowing an out-of-bounds read when the serve...

CVSS 5.3 | AI score 5.8 | EPSS 0.00147
Exploits: 1 | References: 9
UbuntuCve
added 2026/02/14 4:15 p.m., 2 views

CVE-2026-23136

In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osd_fault(). When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a separate stat...

CVSS 7.5 | AI score 5.7 | EPSS 0.00041
Exploits: 0 | References: 12
Positive Technologies
added 2026/02/14 12:0 a.m., 2 views

PT-2026-8205

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler. When a block read returns an invalid length, zero or I2C_SMBUS_BLOCK_MAX, the length handler sets the state to IMX_I2C_STATE_FAILED. However, i2c_imx_master_isr...

AI score 5.2 | EPSS 0.00019
Exploits: 0 | References: 3
OSV
added 2026/02/10 12:8 a.m., 2 views

OSV-2026-216 Heap-buffer-overflow in mg_mqtt_next_prop

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=482698892
Crash type: Heap-buffer-overflow READ 1
Crash state: mg_mqtt_next_prop fuzz.c...

AI score 5.4
Exploits: 0 | References: 1
OSV
added 2026/01/19 12:0 p.m., 2 views

RUSTSEC-2026-0080 Multiple soundness issues in `scaly` safe APIs

Affected versions contain multiple safe APIs that can trigger undefined behavior:
- Array::index can perform an out-of-bounds read.
- String::getlength can perform an out-of-bounds read.
- String::appendcharacter can perform an invalid write.
- String::tocstring can perform an out-of-bounds write...

AI score 5.9
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/15 12:23 a.m., 12 views

CVE-2025-65396

A vulnerability in the boot process of Blurams Flare Camera version 24.1114.151.929 and earlier allows a physically proximate attacker to hijack the boot mechanism and gain a bootloader shell via the UART interface. This is achieved by inducing a read error from the SPI flash memory during the...

CVSS 6.1 | AI score 6.4 | EPSS 0.00016
Exploits: 0 | References: 1
CNNVD
added 2026/01/13 12:0 a.m., 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an ntfs mount that does not set the virtual block size to read the boot block, which could result in a read...

AI score 5.8 | EPSS 0.00025
Exploits: 0 | References: 4
Positive Technologies
added 2026/01/13 12:0 a.m., 3 views

PT-2026-2608

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.18.0-rc2-enjuk-tnguy-00378-g3005f5b77652-dirty
Description: The Linux kernel contains off-by-one errors in the iavf_config_rss_reg function when configuring RSS hash key and lookup table. These errors can lead t...

CVSS 5.5 | AI score 5.3 | EPSS 0.00015
Exploits: 0
OSV
added 2026/01/07 9:3 a.m., 3 views

RLSA-2026:0126 Moderate: poppler security update

Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fixes: poppler: Out-of-Bounds Read in Poppler (CVE-2025-32365). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information,...

CVSS 3.3 | AI score 6.8 | EPSS 0.00065
Exploits: 1 | References: 2
CVE
added 2026/01/06 1:52 p.m., 10 views

CVE-2026-21488

iccDEV is affected in versions 2.3.1.1 and earlier. The root cause is in CIccTagText::Read, leading to multiple issues: Out-of-bounds Read, Heap-based Buffer Overflow, and Improper Null Termination. The vulnerability is fixed in version 2.3.1.2. According to the connected Red Hat and NVD/OSV reco...

CVSS 7.1 | AI score 6.4 | EPSS 0.00012
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/01/01 12:0 a.m., 2 views

PT-2026-27650

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)
Description: A flaw exists in the Linux kernel where a null-pointer dereference can occur in the drbd_request_endio function. This happens when READ_COMPLETED_WITH_ERROR is passed to __req_mod with a...

CVSS 5.5 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | References: 21