CVE-2026-46044

A flaw was found in the Linux kernel's Intelligent Platform Management Interface IPMI SSIF SMBus System Interface driver. If an error occurs after a kernel thread kthread is created but before the main IPMI code initializes the SSIF interface, the kthread may not be properly stopped. This could...

i2c: s3c24xx: check the size of the SMBUS message before using it

...

DEBIAN-CVE-2026-31627

In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2CSMBUSBLOCKMAX before processing it. This i...

EUVD-2026-25520

In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2CSMBUSBLOCKMAX before processing it. This i...

CVE-2026-31627 i2c: s3c24xx: check the size of the SMBUS message before using it

In the Linux kernel, the following vulnerability has been resolved: i2c: s3c24xx: check the size of the SMBUS message before using it The first byte of an i2c SMBUS message is the size, and it should be verified to ensure that it is in the range of 0..I2CSMBUSBLOCKMAX before processing it. This i...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of verification of SMBUS message sizes in s3c24xx, potentially leading to out-of-bounds...

PT-2026-34979

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the i2c s3c24xx driver where the size of an i2c SMBUS message is not verified. The first byte of the message, which represents the size, must be checked to ensure it...

CVE-2025-39928

CVE-2025-39928 affects the Linux kernel RTL9300 I2C driver. The vulnerability arises from not validating the transfer length in rtl9300_i2c_config_xfer, allowing a data length of 0 to underflow and be treated as 16 due to (len - 1) & 0xf, which can trigger a 16-byte write and potentially soft-bri...

CVE-2025-39680

In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300i2csmbusxfer The data-block0 variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds bug. Fix this bug by checking the value of...

Linux Distros Unpatched Vulnerability : CVE-2022-3077

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A buffer overflow vulnerability was found in the Linux kernel Intel's iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via...

i2c: tegra: check msg length in SMBUS block read

...

SUSE CVE-2025-38425

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the tegra i2c module not validating the SMBUS block read message length, which could result in a buffer overflow...

kernel: Linux kernel (i2c Tegra): Information disclosure or denial of service via SMBUS block read with invalid length

A flaw was found in the Linux kernel's i2c Tegra driver. A local attacker with high privileges could exploit this vulnerability by providing a specially crafted SMBUS System Management Bus block read message with an invalid length. This could lead to an out-of-bounds read, potentially resulting i...

kernel: Linux kernel (i2c Tegra): Information disclosure or denial of service via SMBUS block read with invalid length

A flaw was found in the Linux kernel's i2c Tegra driver. A local attacker with high privileges could exploit this vulnerability by providing a specially crafted SMBUS System Management Bus block read message with an invalid length. This could lead to an out-of-bounds read, potentially resulting i...

PT-2025-30830

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the i2c subsystem, specifically in the tegra driver related to SMBUS block read operations. The vulnerability occurs when processing message...

kernel: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()

A flaw was found in the Linux kernel. The following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbfi2csmbusstarttransaction...

kernel: an out-of-bounds vulnerability in i2c-ismt driver

An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2CSMBUSBLOCKDATA with the ioctl I2CSMBUS with malicious input data. This flaw allows a local user to crash the system...

kernel: i2c: unbounded length leads to buffer overflow in ismt_access()

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. In particular, the userspace controllable "data-block0" variable was not capped to a numbe...

kernel: i2c: unbounded length leads to buffer overflow in ismt_access()

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. In particular, the userspace controllable "data-block0" variable was not capped to a numbe...