22 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/net: Ensure that the import of the vectorized buffer node is tied to the notification. When support for vectorized registered buffers was added, the import itself uses ‘req’ instead of the notification iokiocb, sr-notif...
PT-2026-47383
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the videobuf2 component of the Linux kernel where the vb2 dma sg mmap function fails to set the VM DONTEXPAND and VM DONTDUMP VMA flags. This inconsistency with vb2 dm...
kernel: io_uring/rsrc: reject zero-length fixed buffer import
A flaw was found in the Linux kernel's iouring subsystem. A local attacker can exploit a vulnerability in the ioimportfixed function by importing a zero-length fixed buffer. This can lead to an out-of-bounds read from slab memory, potentially resulting in information disclosure or a denial of...
ALSA-2026:21557 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...
CVE-2026-43006
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...
CVE-2026-43006 io_uring/rsrc: reject zero-length fixed buffer import
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...
EUVD-2026-26605
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...
CVE-2026-43006
CVE-2026-43006 (Linux kernel io_uring rsr/rsrc): A zero-length fixed-buffer import in io_import_fixed() could trigger a slab-out-of-bounds read due to a boundary check that allows len == 0 to be processed. The underlying issue is in validate_fixed_range(), which permits buf_addr at the end of the...
CVE-2026-43006
In the Linux kernel, the following vulnerability has been resolved: iouring/rsrc: reject zero-length fixed buffer import validatefixedrange admits bufaddr at the exact end of the registered region when len is zero, because the check uses strict greater-than bufend imu-ubuf + imu-len. ioimportfixe...
PT-2026-36423
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the io uring subsystem where the validate fixed range function allows a buffer address at the exact end of a registered region when the length is zero. This occurs...
SUSE CVE-2025-68294
In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...
EUVD-2025-203786
In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...
CVE-2025-68294
In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...
UBUNTU-CVE-2025-68294
In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...
CVE-2025-68294 io_uring/net: ensure vectored buffer node import is tied to notification
In the Linux kernel, the following vulnerability has been resolved: iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req' rather than the notification iokiocb, sr-notif. For non-vectored...
CVE-2025-68294
Summary : CVE-2025-68294 concerns the Linux kernel’s IO_URING/vectored buffer handling. The issue arises in the vectored buffer import path where the import used the wrong IO_kiocb context ('req') instead of the notification context (sr->notif), risking lifetime misalignment between the vector...
Linux Distros Unpatched Vulnerability : CVE-2025-68294
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/net: ensure vectored buffer node import is tied to notification When support for vectored registered buffers was added, the import itself is using 'req'...
PT-2025-51698
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s io uring/net functionality. Specifically, the import process for vectored registered buffers incorrectly uses 'req' instead of the correct io kiocb,...
Linux Distros Unpatched Vulnerability : CVE-2025-39822
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring/kbuf: fix signedness in thislen calculation When importing and using buffers, buf-len is considered unsigned. However, buf-len is converted to signed in...
CVE-2025-39822
The CVE-2025-39822 issue affects the Linux kernel io_uring/kbuf path. Root cause: buf->len is treated unsigned when importing buffers but is converted to signed int when committing, risking negative interpretation for large buffers. Mitigation: the min_t calculation is now unsigned. This is a ...