SUSE CVE-2026-43005

In the Linux kernel, the following vulnerability has been resolved: hwmon: tps53679 Fix array access with zero-length block read i2csmbusreadblockdata can return 0, indicating a zero-length read. When this happens, tps53679identifychip accesses bufret - 1 which is buf-1, reading one byte before t...

PT-2026-37596

In the Linux kernel, the following vulnerability has been resolved: media: qcom: camss: vfe: Fix out-of-bounds access in vfe isr reg update vfe isr iterates using MSM VFE IMAGE MASTERS NUM7 as the loop bound and passes the index to vfe isr reg update. However, vfe-line array is defined with VFE...

Linux Distros Unpatched Vulnerability : CVE-2026-43241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from array out-of-bounds access during the 22000 series SMEM parsing in iwlwifi...

PT-2026-37581

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An array-index-out-of-bounds access exists in the ntb hw switchtec component of the Non-Transparent Bridge NTB subsystem. The number of Mirror Window MW Look-Up Tables LUTs depends on th...

CVE-2026-31729

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: validate connector number in ucsinotifycommon The connector number extracted from CCI via UCSICCICONNECTOR is a 7-bit field 0-127 that is used to index into the connector array in ucsiconnectorchange. However, t...

DEBIAN-CVE-2026-31622

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digitalinrecvsddres appends 3 or 4 bytes to target-nfcid1 on each round, but the number of cascade rounds is controlled...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013222)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013222 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 ma...

freerdp: FreeRDP has a heap-buffer-overflow in urb_select_interface

A heap buffer overflow has been discovered in FreeRDP. The URBDRC client uses server-supplied interface numbers as array indices without bounds checks, causing an out-of-bounds read in libusbudevselectinterface...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the getupperifindexes function not checking array boundaries, potentially leading to a stack buff...

CVE-2026-0819

A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wcPKCS7BuildSignedAttributes, when adding custom signed attributes, the code passes an incorrect capacity value esd-signedAttribsCount to EncodeAttributes instead of the remaining available space...

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

PT-2026-8006

Name of the Vulnerable Software and Affected Versions free5GC version 4.0.1 Description A flaw exists in the AMF component of free5GC that could allow a remote attacker to disrupt service. This happens due to an array index out of bounds condition when processing a specially crafted 5GS Mobile...

CVE-2025-70121

An array index out of bounds vulnerability in the AMF component of free5GC v4.0.1 allows remote attackers to cause a denial of service via a crafted 5GS Mobile Identity in a NAS Registration Request message. The issue occurs in the GetSUCI method NASMobileIdentity5GS.go when accessing index 5 of ...

EUVD-2025-206802

In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe The "index" variable is used as an index into the usbphyc-phys array which has usbphyc-nphys elements. So if it is equal to usbphyc-nphys then it is one element out of bounds. The "index...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005118)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005118 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: Fix array-index-out-of-bounds in diFree Tenable has extracted the preceding description bloc...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46859)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46859 advisory. - In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF...

MiracleLinux 8 : java-21-openjdk-21.0.2.0.13-1.el8.ML.1 (AXSA:2024-7439:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7439:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 9 : java-21-openjdk-21.0.2.0.13-1.el9.ML.1 (AXSA:2024-7447:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7447:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 8 : sqlite-3.26.0-17.el8 (AXSA:2023-4779:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-4779:01 advisory. sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API CVE-2022-35737 Tenable has extracted the preceding description...