CVE-2025-59613

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

EUVD-2025-210026

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

CVE-2025-59613

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

PT-2026-45636

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

CVE-2026-46344

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

CVE-2026-46344

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: virtio/akcipher – Fixed a stack overflow issue in memcpy. The value of sizeofstruct virtiocryptoakciphersessionpara is less than sizeofstruct virtiocryptoopctrlreq::u. Copying more bytes from the stack variable leads t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPUVARESERVEDTRAPSIZE to 64KB Currently, AMDGPUVARESERVEDTRAPSIZE is hardcoded to 8KB, while KFDCWSRTBATMASIZE is defined as 2 PAGESIZE. On systems with 4K pages, both values match 8KB, so allocation and...

Astra Linux - уязвимость в linux, linux-5.10

A issue was discovered in the Linux kernel before version 5.19. In the pxa3xxgcuwrite function in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict between sizet and int, which causes an integer overflow and bypasses the size check. Additionally, since this parameter is us...

Astra Linux - уязвимость в xorg-server, xwayland

A heap overflow flaw was discovered in X.Org and Xwayland. The calculation of the length in XkbSizeKeySyms differs from what is stored in XkbWriteKeySyms, which may lead to a heap-based buffer overflow...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ethtool: Avoid overflowing the userspace buffer during stats queries The ethtool -S command operates through three ioctl calls: ETHTOOLGSSETINFO for the size, ETHTOOLGSTRINGS for the names, and ETHTOOLGSTATS for the values. If th...

GHSA-R6C9-G6Q5-QRF9 OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size

Summary The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can read beyond the fallback buffer and leak adjacent memory into telemetry. Details...

OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size

Summary The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can read beyond the fallback buffer and leak adjacent memory into telemetry. Details...

Medium: qemu

Issue Overview: hcd-ohci: infinite loop NOTE: Fixed by: https://gitlab.com/qemu-project/qemu/-/commit/129922c2bc398b656a9180150e667f98fdf0d402 v11.0.0-rc1 CVE-2026-3890 virtio-scsi request size mismatch NOTE: Fixed by:...

CVE-2026-43302

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size mismatch. This is because 'maxsegsize' is not set. The kernel defaults ...

BIT-JRE-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...

PT-2026-38839

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gst wavparse cue chunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatc...

BIT-JAVA-MIN-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...

BIT-JAVA-2024-47776 GHSL-2024-260: GStreamer has a OOB-read in gst_wavparse_cue_chunk

GStreamer is a library for constructing graphs of media-handling components. An OOB-read has been discovered in gstwavparsecuechunk within gstwavparse.c. The vulnerability happens due to a discrepancy between the size of the data buffer and the size value provided to the function. This mismatch...

Linux Distros Unpatched Vulnerability : CVE-2026-43277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than...