SUSE CVE-2026-31433

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

CVE-2026-31478

A flaw was found in ksmbd within the Linux kernel. This vulnerability occurs due to an incorrect calculation of the response buffer length in the smb2calcmaxoutbuflen function. The function used a hardcoded value instead of the proper offset, which could lead to issues in how response buffers are...

CVE-2026-31478

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 "ksmbd: add support for read compound", response buffer management was changed to use dynamic iov array. In the new design,...

CVE-2026-31470 virt: tdx-guest: Fix handling of host controlled 'quote' buffer length

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value quotebuf-outlen that determines how many bytes of the quote are copied out to guest userspace. In TDX environments with remote...

EUVD-2026-24641

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

CVE-2026-31433

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

CVE-2026-31433

CVE-2026-31433 affects the Linux kernel ksmbd module. A vulnerability arises when processing a compound SMB request of QUERY_DIRECTORY + QUERY_INFO (FILE_ALL_INFORMATION): the code lacked a validation check on the client-provided OutputBufferLength before copying a filename into the smb2_file_all...

CVE-2026-31433 ksmbd: fix potencial OOB in get_file_all_info() for compound requests

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial OOB in getfileallinfo for compound requests When a compound request consists of QUERYDIRECTORY + QUERYINFO FILEALLINFORMATION and the first command consumes nearly the entire maxtranssize, getfileallinfo woul...

PT-2026-34383

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ksmbd module where the smb2 calc max out buf len function used a hardcoded magic number for the hdr2 len argument instead of the correct offset of the Buffer field...

PT-2026-34375

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the tdx-guest component where the host-controlled value quote buf-out len is not properly validated. This value determines the number of bytes of the quote copied to...

PT-2026-34276

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the ksmbd component within the get file all info function during the processing of compound requests consisting of QUERY DIRECTORY and QUERY INFO FILE AL...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013396)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013396 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013452)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013452 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

Unity Linux 20.1050a / 20.1060a Security Update: kernel (UTSA-2026-013389)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013389 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

Linux Distros Unpatched Vulnerability : CVE-2026-31478

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: replace hardcoded hdr2len with offsetof in smb2calcmaxoutbuflen After this commit e2b76ab8b5c9 ksmbd: add support for read compound, response buffer...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007301)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007301 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsimodesense buffer length handling Several problems exist with scsimodesense...

PT-2026-33529

Name of the Vulnerable Software and Affected Versions libgphoto2 versions prior to 2.5.34 Description An out-of-bounds read exists in the ptp unpack DPV function within camlibs/ptp2/ptp-pack.c. The issue occurs during the handling of UINT128 and INT128 cases, where the offset variable is advanced...

CVE-2026-40253 openCryptoki: Memory safety vulnerabilities in BER/DER decoders in asn1.c

openCryptoki is a PKCS11 library and provides tooling for Linux and AIX. In versions 3.26.0 and below, the BER/DER decoding functions in the shared common library asn1.c accept a raw pointer but no buffer length parameter, and trust attacker-controlled BER length fields without validating them...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: freerdp (UTSA-2026-007193)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007193 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen doe...

UBUNTU-CVE-2026-39979

jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the jvparsesized API in libjq accepts a counted buffer with an explicit length parameter, but its error-handling path formats the input buffer using %s in jvstringfmt, which reads until a NUL terminat...