SUSE CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021643)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021643 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: check buffer length before accessing it Syzkaller reports an uninit value read from ax25c...

CVE-2026-43304

CVE-2026-43304 affects the Linux kernel libceph component. The flaw arises when decoding key material in process_auth_done(), where the code failed to enforce an upper bound on key length. The fix defines and enforces CEPH_MAX_KEY_LEN and clamps key material to a fixed-size buffer, addressing a v...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a 1-byte out-of-bounds read in uvcparseformat. The check for the buffer length before calling uvcparseformat only ensured that the buffer contained at least 3 bytes buflen 2. However, the function accesses...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdCompleteevt, if the command completion event has an unknown opcode, we assume that the first byte of the remaining skb-data contains the return status...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...

PT-2026-36475

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8 0 0 rc5 exist in RWStl Reader::ReadAscii because buffers returned by Standard ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

CVE-2026-1951

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

CVE-2026-1951 No checking of the length of the buffer with the directory name in AS320T

Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability...

CVE-2026-1950 No checking of the length of the buffer with the file name in AS320T

Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability...

CVE-2026-1950

Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability...

CVE-2026-1950

Delta Electronics AS320T has a vulnerability under CVE-2026-1950 where there is no checking of the length of the buffer for the file name. This contributes to a high-severity outcome (CVSS 3.1: 9.8, network attack vector, no authentication, user interaction not required) as per the provided metri...

PT-2026-33529

Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34 Description An out-of-bounds read exists in the ptp unpack DPV function within camlibs/ptp2/ptp-pack.c. The issue occurs during the handling of UINT128 and INT128 cases, where the offset variable is advanced...

CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

CVE-2023-54093 media: anysee: fix null-ptr-deref in anysee_master_xfer

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anyseemasterxfer In anyseemasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach...

CVE-2025-39957 wifi: mac80211: increase scan_ies_len for S1G

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scanieslen for S1G Currently the S1G capability element is not taken into account for the scanieslen, which leads to a buffer length validation failure in ieee80211prephwscan and subsequent WARN in...

EUVD-2018-3341

Malware in sbrugna...

EUVD-2020-3658

Malware in sbrugna...