176 matches found
EUVD-2026-38897
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...
CVE-2026-53029
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...
CVE-2026-53029
CVE-2026-53029: In the Linux kernel’s ntfs3 codepath, an uninitialized LCN could be triggered due to a zero-length path in ntfs_iomap_begin. The bug arises because run_lookup_entry() can fail and leave *len and the new value/err at 0, causing attr_data_get_block_locked() to take an ok path before...
CVE-2026-48140
There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...
CVE-2026-48141 Memory leak in NI grpc-device BeginSidebandStream
There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI grpc-device 2.17.0 and prior versions...
CVE-2026-48141
There is a memory leak in NI grpc-device BeginSidebandStream that may result in denial of service due to memory exhaustion. This affects NI grpc-device 2.17.0 and prior versions...
CVE-2026-48141
The CVE-2026-48141 entry is confirmed with concrete details: a memory leak in NI grpc-device BeginSidebandStream that can cause denial of service via memory exhaustion. Affected product/versions: NI grpc-device 2.17.0 and earlier. Documented impact is high availability risk due to uncontrolled me...
CVE-2026-48140 Unchecked enum cast vulnerability in NI grpc-device in BeginSidebandStream
There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...
CVE-2026-48140
There is an unchecked enum cast vulnerability in NI grpc-device BeginSidebandStream that may allow an attacker to trigger invalid enum states and undefined behavior, potentially resulting in a denial of service. Successful exploitation requires an attacker to supply a specially crafted message...
CVE-2026-48140
NI grpc-device contains an unchecked enum cast vulnerability in BeginSidebandStream affecting version 2.17.0 and earlier. The issue allows triggering invalid enum states and undefined behavior, potentially leading to a denial of service. Exploitation requires sending a specially crafted message w...
PT-2026-50892
Name of the Vulnerable Software and Affected Versions NI grpc-device versions prior to 2.17.0 Description A memory leak exists in the BeginSidebandStream function, which can lead to a denial of service condition caused by memory exhaustion. Recommendations Update to a version later than 2.17.0. A...
EUVD-2026-32269
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...
UBUNTU-CVE-2026-45984
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...
CVE-2026-45984 gfs2: Fix use-after-free in iomap inline data write path
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...
PT-2026-43851
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the gfs2 iomap inline data write path. The inline data buffer head dibh is released prematurely in the gfs2 iomap begin function via release metapath,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: Drivers: Ethernet: cpsw – Fixed a panic that occurs when interrupt coalescing is set via ethtool. The cpswethtoolbegin function directly returns the result of pmruntimegetsync when it is successful. pmruntimegetsync returns an...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the reference leak The commit 20d72b00ca81 “netfs: Fix the request’s work item to not require a ref” modifies the netfsallocrequest function to initialize the reference counter to 2 instead of 1. The rationale is that...
Astra Linux – Vulnerability in HAPProxy
A vulnerability related to information leaks was discovered in HAProxy versions 2.1, 2.2 before 2.2.27, 2.3, and 2.4 before 2.4.21, 2.5 before 2.5.11, 2.6 before 2.6.8, and 2.7 before 2.7.1. There are 5 bytes that are not initialized in the connection buffer when encoding the FCGIBEGINREQUEST...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: zonefs: fixed zonefsiomapbegin for reads. If a readahead operation is issued on a sequential zone file with an offset that exactly equals the current file size, the iomap type is set to IOMAPUNWRITTEN, which will prevent any I/O...
Astra Linux – Vulnerability in tar
The vulnerability of the obstackbeginworker function in the obstack.c GNU Tar component is related to pointer arithmetic errors. Exploiting this vulnerability allows an attacker to cause service failures...