CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

UBUNTU-CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

EUVD-2026-2672

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Check the length of skb for an unknown CC opcode. In hcicmdCompleteevt, if the command completion event has an unknown opcode, we assume that the first byte of skb-data contains the return status. However, th...

PT-2026-27672

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the ems usb read bulk callback function related to handling USB urb data lengths. The function incorrectly uses the size of the buffer passed to...

PT-2026-2935

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.20.1 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A heap out-of-bounds read occurs in the smartcard SetAttrib path when the cbAttrLen variable does not match the actual NDR buffer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992746)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992746 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that event count does not exceed event buffer length The event count is...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993193)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993193 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unverified SKB packet length that could result in references to uninitialized memory...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992678)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992678 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be...

Security Advisory 0132

Security Advisory 0132 . CSAF PDF Date: December 30, 2025 Revision | Date | Changes ---|---|--- 1.0 | December 30, 2025 | Initial release 1.1 | February 3, 2026 | Updated Required Configuration for Exploitation The CVE-ID tracking this issue: CVE-2025-7048 CVSS:3.1 Base Score 4.3...

CLSA-2025-1766598218 opensc: Fix of 4 CVEs

CVE-2024-45616: fix insufficient control of APDU buffer and its length - CVE-2024-45615: initialize uninitialized variables - CVE-2024-45617: fix insufficient or missing checking of return values - CVE-2024-45620: fix incorrect handling length of buffers or files in pkcs15init...

UBUNTU-CVE-2023-54093

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anyseemasterxfer In anyseemasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach...

CVE-2023-54093 media: anysee: fix null-ptr-deref in anysee_master_xfer

In the Linux kernel, the following vulnerability has been resolved: media: anysee: fix null-ptr-deref in anyseemasterxfer In anyseemasterxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach...

Bluetooth: hci_event: validate skb length for unknown CC opcode

...

SUSE CVE-2025-40301

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdcompleteevt, if the command complete event has an unknown opcode, we assume the first byte of the remaining skb-data contains the return status. However,...

CVE-2025-40301

No description is available for this CVE. Mitigation To mitigate this issue, disable the Bluetooth kernel module if Bluetooth functionality is not required. This can be achieved by blacklisting the bluetooth module. Create a file named /etc/modprobe.d/disable-bluetooth.conf with the following...

EUVD-2025-201644

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdcompleteevt, if the command complete event has an unknown opcode, we assume the first byte of the remaining skb-data contains the return status. However,...