CVE-2026-53030

A flaw was found in the Linux kernel, specifically within the i3c master renesas driver. This vulnerability is caused by a memory leak in the renesasi3ci3cxfers function, where an allocated xfer structure is not properly freed. An attacker could potentially exploit this to cause a denial of servi...

DEBIAN-CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

EUVD-2026-39546

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

CVE-2026-55958 Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

CVE-2026-55958

The CVE-2026-55958 issue is a buffer overrun in Renesas TSIP TLS 1.3 transcript handling. In tsip_StoreMessage(), a capacity check for the fixed MSGBAG_SIZE (8 KB) sets an error but does not return, allowing an XMEMCPY to overwrite past the end once the TLS handshake transcript exceeds MSGBAGE_SI...

CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

CVE-2026-55958

Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...

PT-2026-52571

Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An out-of-bounds write exists in the Renesas TSIP TLS 1.3 transcript buffer. In the tsip StoreMessage function, a capacity check for the fixed message bag MSGBAG SIZE sets an error code but...

EUVD-2026-38898

In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: renesas: Fixed the refcount leak bug In usbhsrza1hardwareinit, the offindnodebyname function will return a node pointer with the refcount incremented. We should use ofnodeput when the node pointer is no longer needed...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: drm: renesas: rz-du: mipidsi: Fixed a kernel panic that occurred when rebooting certain panels. Since commit 56de5e305d4b “clk: renesas: r9a07g044: Added MSTOP for RZ/G2L”, we may encounter the following kernel panic when...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: pinctrl: renesas: core: Fixed a possible nullptrderef in shpfcmapresources. This issue could lead to a nullptrderef when using ‘res’. If platformgetresource returns NULL, moving using ‘res’ after devmioremapresource will prevent...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning appears...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: The reordering of clock handling and power management in the probe function. The initialization sequence in usbhsprobe was reordered to enable runtime PM before accessing registers. This prevents potential...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Flush the notifyhotplugwork When performing continuous unbind/bind operations on the USB drivers available on the Renesas RZ/G2L SoC, a kernel crash with the message “Unable to handle kernel NULL pointer...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Fixed synchronous external abort when unbind is executed. A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: bash modprobe...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

A issue was discovered in the Linux kernel through version 6.3.8. A use-after-free was found in ravbremove in drivers/net/ethernet/renesas/ravbmain.c...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the Linux kernel before version 6.3.2. A use-after-free was found in the renesasusb3remove function in drivers/usb/gadget/udc/renesasusb3.c...

Linux Distros Unpatched Vulnerability : CVE-2026-46310

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: renesas: vsp1: Fix NULL pointer deref on module unload When unloading the module on gen 4, we hit a NULL pointer dereference. This is caused by the clean...