4725 matches found
RLSA-2026:18421 Moderate: luksmeta security update
LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in Rocky Linux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...
scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()
...
SUSE CVE-2026-46217
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
SUSE CVE-2026-46237
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-46198
A flaw was found in the Linux kernel's batman-adv component. An integer overflow in the batadvivogmsendtoif function, specifically with the buffpos variable, can lead to an out-of-bound read. This occurs because the size check uses an int type while buffpos uses an s16 type, causing a mismatch th...
CVE-2026-46217
A flaw was found in the Linux kernel, specifically within the AMD GPU Graphics Processing Unit driver component drm/amdgpu/vcn4. This vulnerability is caused by an integer overflow during a message bound check. An attacker could potentially exploit this flaw to cause system instability or a denia...
CVE-2026-33463
Operation on a Resource after Expiration or Termination CWE-672 in Kibana can lead to unauthorized information disclosure. A logic error in how expiration timestamps were validated allowed a time-bounded access token to remain usable beyond its intended validity window, enabling an unauthenticate...
RLSA-2026:18824 Moderate: luksmeta security update
LUKSMeta is a simple library for storing metadata in the LUKSv1 header. The luksmeta package is a dependency of the clevis and tang packages, together providing the Network Bound Disk Encryption NBDE in Rocky Linux. Security Fixes: luksmeta: Data corruption when handling LUKS1 partitions with...
CVE-2026-46237
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-46217
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2026-46237
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
UBUNTU-CVE-2026-46217
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-46237
...
CVE-2026-46237
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit db00257ac9e4a51eb2515aaea161a019f7125e10...
CVE-2026-46237
This CVE-2026-46237 entry is rejected/not used and does not represent an active vulnerability.
CVE-2026-46217
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885...
EUVD-2026-32844
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn4: Avoid overflow on msg bound check As pointed out by SDL, the previous condition may be vulnerable to overflow. cherry picked from commit 3c5367d950140d4ec7af830b2268a5a6fdaa3885...
CVE-2026-46217
...
CVE-2026-46217
CVE-2026-46217 concerns the Linux kernel AMDGPU driver component drm/amdgpu/vcn4, where an integer overflow occurs during a message bound check. Red Hat reports the flaw could cause system instability or DoS, indicating the vulnerability lies in the vcn4 code path of the AMDGPU driver. Several so...
CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...