84 matches found
CVE-2026-52720
A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: jfs: fixed an array-index-out-of-bounds issue in diNewExt Syz report UBSAN: array-index-out-of-bounds in fs/jfs/jfsimap.c:2360:2 Index -878706688 is out of range for the type 'struct iagctl128' CPU: 1 PID: 5065 Comm:...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: bounds: Use the correct number of bits for CONFIGNRCPUS that is a power of two. The bitsper function rounds up to the next power of two when a power of two is passed as an argument. This can cause crashes on some machines and...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Fixed an out-of-bounds access in parseintegerlimit. When configuring osnoisecpus using the write system call, the following KASAN issue may occur: BUG: KASAN: Out-of-bounds access in parseintegerlimit+0x103/0x130...
Linux Distros Unpatched Vulnerability : CVE-2026-42480
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a...
UBUNTU-CVE-2026-34378
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From 3.4.0 to before 3.4.9, a missing bounds check on the dataWindow attribute in EXR file headers allows an attacker to trigger a signed integer overfl...
CVE-2026-32636
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-17 and 6.9.13-42, the NewXMLTree method contains a bug that could result in a crash due to an out of write bounds of a single zero byte. Versions 7.1.2-17 and 6.9.13-42 fix the issue...
SUSE CVE-2025-71100
In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfilldesc TID getting from ieee80211gettid might be out of range of array size of staentry-tids, so check TID is less than MAXTIDCOUNT. Othwerwise, UBSAN warn: UBSAN:...
Linux Distros Unpatched Vulnerability : CVE-2025-71100
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfilldesc TID getting from...
CVE-2023-53748 media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queue_setup
In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...
OESA-2025-2406 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in ofgetddrtimings We should add the ofnodeput when breaking out of foreachchildofnode as it will automatically increase and...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414582)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414582 advisory. It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986482)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986482 advisory. In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cm...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986584)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986584 advisory. In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr-cnr to avoid array index out of bound The cmtpaddconnection would add a cm...
EUVD-2025-19839
Malicious code in bioql PyPI...
SUSE CVE-2025-39817
In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190 asanloadN+0x1c/0x28 memcmp+0x98/0xd0...
Linux Distros Unpatched Vulnerability : CVE-2025-39680
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: rtl9300: Fix out-of-bounds bug in rtl9300i2csmbusxfer The data-block0 variable comes from user. Without proper check, the variable may be very large to cau...
UBUNTU-CVE-2025-39680
In the Linux kernel, the following vulnerability has been resolved: i2c: rtl9300: Fix out-of-bounds bug in rtl9300i2csmbusxfer The data-block0 variable comes from user. Without proper check, the variable may be very large to cause an out-of-bounds bug. Fix this bug by checking the value of...
SUSE-SU-2025:20669-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-46733: btrfs: fix qgroup reserve leaks in cowfilerange bsc1230708. - CVE-2025-38006: net: mctp: Do not access ifaindex when missing bsc1244930. -...
Linux Distros Unpatched Vulnerability : CVE-2025-38226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern...