EulerOS Virtualization 2.13.0 : libpng (EulerOS-SA-2026-2174)

According to the versions of the libpng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster image...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: A potential memory leak has been fixed in m920xi2cxfer. The read function is freed when it is determined to be NULL, but not when a read error occurs. The logic should be reversed to avoid a small leak if a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fixed the incorrect setting of maxcorrreaderrors. There is no input validation when using the echo md/maxreaderrors command, and an overflow might occur. Add validation for the input number...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

Linux Distros Unpatched Vulnerability : CVE-2026-33598

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

SUSE SLES12 Security Update : libssh (SUSE-SU-2026:1344-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1344-1 advisory. - CVE-2026-3731: denial of service via out-of-bounds read in SFTP extension name handler bsc1259377. - CVE-2026-0964: SCP protocol path travers...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005762)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005762 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo...

ROS-20260128-73-0024

A vulnerability in the hciinitstagesync function of the Linux operating system kernel is related to read errors outside buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005197)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005197 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: propagate directory read errors from nilfsfindentry Syzbot reported that a task hang occu...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38153)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38153 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: fix error handling of...

ROS-20260120-7364

A vulnerability in the ibftattrshownic driver function drivers/firmware/iscsiibft.c of the Linux kernel is related to read errors outside of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-71136 media: adv7842: Avoid possible out-of-bounds array accesses in adv7842_cp_log_status()

In the Linux kernel, the following vulnerability has been resolved: media: adv7842: Avoid possible out-of-bounds array accesses in adv7842cplogstatus It's possible for cpread and hdmiread to return -EIO. Those values are further used as indexes for accessing arrays. Fix that by checking return...

CVE-2025-71136

CVE-2025-71136 affects the Linux kernel’s media: adv7842 path. The vulnerability arises when cp_read() or hdmi_read() return -EIO and these values are used as indexes in arrays within adv7842_cp_log_status(), causing possible out-of-bounds accesses. The issue is resolved by adding checks on retur...

CVE-2022-23429

An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash...

SUSE CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-993270)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993270 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix wrong setting of maxcorrreaderrors There is no input check when echo...

EUVD-2023-60461

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

UBUNTU-CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

UBUNTU-CVE-2023-54266

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: m920x: Fix a potential memory leak in m920xi2cxfer 'read' is freed when it is known to be NULL, but not when a read error occurs. Revert the logic to avoid a small leak, should a m920xread call fail...