CVE-2026-46016
The CVE-2026-46016 entry concerns the Linux kernel remoteproc: xlnx path. Root cause: code accessed buffer information only when IPI is buffered; fix adds a NULL check in the receive callback to avoid potential NULL-pointer dereference. Affected component is the Linux kernel (remoteproc/xlnx). Th...
CVE-2026-31684
In the Linux kernel, the following vulnerability has been resolved: net: sched: act_csum: validate nested VLAN headers tcf_csum_act walks nested VLAN headers directly from skb->data when an skb still carries in-payload VLAN tags. The current code reads vlan->h_vlan_encapsulated_proto and then pulls...
CVE-2026-31454
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfs_inode_item_push and xfs_qm_dquot_logitem_push, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...
Amazon Linux 2023 : nodejs24, nodejs24-devel, nodejs24-full-i18n (ALAS2023-2026-1404)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1404 advisory. Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using th...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37749)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37749 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb dat...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002920)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002920 advisory. Microarchitectural Fill Buffer Data Sampling MFBDS: Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potential...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000290)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000290 advisory. Microarchitectural Store Buffer Data Sampling MSBDS: Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992398)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992398 advisory. In the Linux kernel, the following vulnerability has been resolved: ca8210: fix mac_len negative array access This patch fixes a buffer overflow access of skb->data if...
CVE-2022-50733
CVE-2022-50733 is a Linux kernel vulnerability in the usb: idmouse driver. The issue arises in idmouse_create_image when ftip_command fails and execution flows to a reset path, leaving data in bulk_in_buffer[HEADER..IMGSIZE] uninitialized and causing an invalid dereference when validating the ima...
UBUNTU-CVE-2025-66566
yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...
CVE-2025-36083
IBM Concert Software (versions 1.0.0–2.0.0) exposes a local-information-disclosure vulnerability due to improper clearing of heap memory before release. This could allow a local attacker to obtain sensitive data from buffers. Remediation: upgrade to IBM Concert Software 2.1.0 as indicated by IBM’...
PT-2025-44184
Name of the Vulnerable Software and Affected Versions IBM Concert Software versions 1.0.0 through 2.0.0 Description The software may allow a local user to access sensitive information from buffers. This occurs because heap memory is not properly cleared before being released. Recommendations Upda...
EUVD-2023-60007
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix a NULL pointer dereference in ath12k_mac_op_hw_scan In ath12k_mac_op_hw_scan, the return value of kzalloc is directly used in memcpy, which may lead to a NULL pointer dereference on failure of kzalloc. Fix this bug by...
CVE-2025-40000
In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix use-after-free in rtw89_core_tx_kick_off_and_wait There is a bug observed when rtw89_core_tx_kick_off_and_wait tries to access already freed skb_data: BUG: KFENCE: use-after-free write in rtw89_core_tx_kick_off_and_wait...
CVE-2025-40000
CVE-2025-40000 affects the Linux kernel wifi Realtek rtw89 driver. It is a use-after-free in rtw89_core_tx_kick_off_and_wait() when accessing freed skb_data, caused by a race between the waiting and signaling paths of a completion. The issue was fixed in kernel updates (SUSE/OpenSUSE advisories l...
SUSE CVE-2023-53601
In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...
CVE-2023-53601 bonding: do not assume skb mac_header is set
In the Linux kernel, the following vulnerability has been resolved: bonding: do not assume skb mac_header is set Drivers must not assume in their ndo_start_xmit that skbs have their mac_header set. skb->data is all what is needed. bonding seems to be one of the last offender as caught by syzbot:...
EUVD-2024-54544
Malicious code in bioql PyPI...
SUSE CVE-2023-53226
In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet, mwifiex_uap_queue_bridged_pkt and mwifiex_process_rx_packet not out-of-bounds acce...
Linux Distros Unpatched Vulnerability : CVE-2023-53226
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiex_process_mgmt_packet, mwifiex_process_sta_rx_packet and mwifiex_process_uap_rx_packet,...