PT-2026-37402

In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AF XDP bind currently accepts zero-copy pool configurations without verifying that the device MTU fits into the usable frame space provided by the UMEM chunk. This becomes a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a potential out-of-bounds write issue in getfileallinfo for compound requests. When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION, and the first command consumes nearly the entire...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: A use-after-free issue was addressed in emacmactxbufsend. In emacmactxbufsend, it calls emactxfilltpd.., skb,... If an error occurs in emactxfilltpd, the skb will be freed via devkfreeskbskb in the error branch...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: Fixed a bug related to access to the uninit variable in qrtrtxresume. Syzbot reported the following bugs: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...

Linux Distros Unpatched Vulnerability : CVE-2026-31708

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path...

CVE-2026-31708

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB read in smb2ioctlqueryinfo QUERYINFO path smb2ioctlqueryinfo has two response-copy branches: PASSTHRUFSCTL and the default QUERYINFO path. The QUERYINFO branch clamps qi.inputbufferlength to the server-report...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an unchecked response buffer size in the QUERYINFO path of the smb2ioctlqueryinfo function. This...

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

PT-2026-36475

Two heap-based out-of-bounds read vulnerabilities in the STL ASCII file parser in Open CASCADE Technology OCCT V8 0 0 rc5 exist in RWStl Reader::ReadAscii because buffers returned by Standard ReadLineBuffer::ReadLine are not properly length-validated before strncasecmp or direct byte access...

CVE-2026-42477

The CVE describes a heap-based out-of-bounds read in Open CASCADE Technology (OCCT) v8_0_0_rc5 within the OBJ file parser. The vulnerability affects RWObj_Reader::read, caused by Standard_ReadLineBuffer::ReadLine() returning a 1-byte buffer for minimal OBJ lines and RWObj_Reader::read() calling p...

CVE-2026-42477

A heap-based out-of-bounds read vulnerability in RWObjReader::read in the OBJ file parser in Open CASCADE Technology OCCT V800rc5 allows user-assisted attackers to cause a denial of service or obtain sensitive information by persuading a victim to open a crafted OBJ file. The issue occurs because...

PT-2026-36448

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienet free tx chain sums the per-BD actual length from descriptor status into a caller-provided...

CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

DEBIAN-CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

CVE-2026-5435 Potential buffer overflow in ns_sprintrrf TSIG handling path

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

EUVD-2026-26036

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...

CVE-2026-5435

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write when printing TSIG records...