CVE-2026-53123

A flaw was found in the Linux kernel's Multiple Device MD driver, specifically within the raid456 reshape functionality. A local user could trigger a deadlock by freezing the reshape process and writing to the md/suspendlo or md/suspendhi files while direct I/O operations are in progress. This...

EUVD-2026-38991

In the Linux kernel, the following vulnerability has been resolved: md: wake raid456 reshape waiters before suspend During raid456 reshape, direct IO across the reshape position can sleep in raid5makerequest waiting for reshape progress while still holding an activeio reference. If userspace then...

CVE-2026-53123

The CVE relates to the Linux kernel md subsystem during raid456 reshape. If a direct IO operation crosses the reshape boundary, raid5_make_request() can sleep while an active_io reference is held. If userspace freezes reshape and triggers mddev_suspend(), the code kills active_io and waits for in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: md/raid1: The issue of stack memory usage after a return in the raid1reshape function has been fixed. In the raid1reshape function, the newpool is allocated on the stack and assigned to conf-r1biopool. This causes...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dm-raid456, md/raid456: A deadlock has been fixed in dm-raid456 when I/O operations are concurrent with the reshape process. For raid456, if the reshape process is still in progress, then I/O operations across the reshape...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: md: Do not set mddev’s private field to NULL in raid0 with pers-free. In a normal stop process, the following sequence of operations occurs: domdstop | mdstop pers-free; mddev-private=NULL | mdfree free mddev The mdstop function...

SoK: Reshaping Research on Network Intrusion Detection Systems

Network Intrusion Detection Systems NIDS have been studied for decades. Hundreds of papers have, e.g., proposed ways to enhance, harden or bypass NIDS. However, the findings of prior literature are hardly reflected in real-world operational contexts. Such a disconnection is problematic for resear...

OESA-2026-1892 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support ,Documentation generator and emacs. Security Fixes: In OCaml through 4.14.3, Bigarray.reshape allows an integer...

OESA-2026-1891 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support ,Documentation generator and emacs. Security Fixes: In OCaml through 4.14.3, Bigarray.reshape allows an integer...

OESA-2026-1889 ocaml security update

OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package includes runtime environment, X11 support ,Documentation generator and emacs. Security Fixes: In OCaml through 4.14.3, Bigarray.reshape allows an integer...

DEBIAN-CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

UBUNTU-CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

CVE-2026-34353

CVE-2026-34353 affects OCaml up to and including 4.14.3. The Bigarray.reshape operation may trigger an integer overflow when processing untrusted input, allowing reading of arbitrary memory. CVSS indicates a local, high-complexity issue with no user interaction and potential confidentiality impac...

CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

CVE-2026-34353

In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed...

PT-2026-28619

Name of the Vulnerable Software and Affected Versions OCaml versions through 4.14.3 Description The Bigarray.reshape function in OCaml versions through 4.14.3 contains an integer overflow issue. This can lead to arbitrary memory being read when processing untrusted data. The function...