Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: iio: Magnetometer: rm3100 – added a boundary check for the value read from RM3100REGTMRC. Recently, we encountered a kernel crash in the function rm3100commonprobe, caused by out-of-bound access to the array rm3100samprates due t...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fixed an issue where the BIOS boundary checking was off by one. Bounds checking during the parsing of init scripts embedded in the BIOS prevents access to the last byte. This causes driver initialization to fail on...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: A boundary check was added before installing cq callbacks. A boundary check has been added inside manaibinstallcqcb to prevent index overflow...

CVE-2026-43982

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

EUVD-2026-33905

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

CVE-2026-5422 Path Traversal in jupyter/jupyter

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

CVE-2026-5422 Path Traversal in jupyter/jupyter

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

CVE-2026-5422

A path traversal vulnerability exists in jupyter-server version 2.17.0 due to an incorrect root directory boundary check in the getospath function within jupyterserver/services/contents/fileio.py. The check uses startswithroot without appending a trailing path separator, allowing sibling...

PT-2026-45727

Name of the Vulnerable Software and Affected Versions jupyter-server version 2.17.0 Description A path traversal issue exists due to an incorrect root directory boundary check in the get os path function within jupyter server/services/contents/fileio.py. The check utilizes startswithroot without...

GHSA-MJ4X-VF5C-5XG8 compliance-trestle Profile Import has an Arbitrary File Read via trestle:// URI and Relative Path Traversal

Summary The compliance-trestle library's profile import mechanism resolves trestle:// URIs and relative file paths by joining them with trestleroot and calling .resolve, but performs no boundary check to ensure the resolved path stays within the trestle workspace. An attacker can craft a maliciou...

ntfs3: fix integer overflow in run_unpack() volume boundary check

...

CVE-2026-45993

A flaw was found in the Linux kernel, specifically affecting the LoongArch architecture. The system call syscall dispatch table, which handles requests from user programs, does not properly validate the syscall number provided by userspace. This missing boundary check could allow a local attacker...

CVE-2026-46062

A flaw was found in the Linux kernel's ntfs3 filesystem driver. An integer overflow vulnerability exists in the rununpack function's volume boundary check. This flaw occurs because the check uses raw addition, which can wrap around for large values, potentially bypassing validation. This could le...

CVE-2026-46062

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in rununpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use...

UBUNTU-CVE-2026-46062

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in rununpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use...

CVE-2026-46062

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix integer overflow in rununpack volume boundary check The volume boundary check lcn + len sbi-used.bitmap.nbits uses raw addition which can wrap around for large lcn and len values, bypassing the validation. Use...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the function sndctllem elememinit Enumnames does not perform a boundary check when...

CVE-2026-43982

Algernon is a small self-contained pure-Go web server. Prior to 1.17.6, uploadedFileSaveIn in lua/upload/upload.go uses filepath.Join with the caller-supplied directory but performs no boundary check after joining. A directory of ../../../tmp resolves cleanly to /tmp, outside the web root. This...

FastNetMon 缓冲区错误漏洞

FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contained a buffer error vulnerability, which stems from boundary-checking errors in the dynamicbinarybuffert class, potentially leadi...