CVE-2025-68806

CVE-2025-68806 affects the Linux kernel ksmbd’s handling of Extended Attributes (EA). The root cause is a buffer validation flaw in smb2_set_ea where the null terminator’s size (+1) was not included in EaNameLength, leading to incorrect buffer size checks. The patch fixes validation by adding +1 ...

CVE-2025-68806 ksmbd: fix buffer validation by including null terminator size in EA length

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

CVE-2025-68806

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

CVE-2025-68806 ksmbd: fix buffer validation by including null terminator size in EA length

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix buffer validation by including null terminator size in EA length The smb2setea function, which handles Extended Attributes EA, was performing buffer validation checks that incorrectly omitted the size of the null...

PT-2026-2462

Name of the Vulnerable Software and Affected Versions affected versions not specified Description The software contains out-of-bounds read issues within a system component that manages data buffers. Insufficient validation of the maximum buffer size allows the process to attempt reading beyond th...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to account for the size of the null terminator when validating extended attribute buffers, which...

PT-2026-2538

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The smb2 set ea function, responsible for handling Extended Attributes EA, had incorrect buffer validation checks. These checks did not account for the size of the null terminator requir...

CVE-2025-53477

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue...

CVE-2025-53477 Apache Mynewt NimBLE: NULL Pointer Dereference in NimBLE host HCI layer

NULL Pointer Dereference vulnerability in Apache Nimble. Missing validation of HCI connection complete or HCI command TX buffer could lead to NULL pointer dereference. This issue requires disabled asserts and broken or bogus Bluetooth controller and thus severity is considered low. This issue...

Espressif IoT Development Framework 缓冲区错误漏洞

Espressif IoT Development Framework is an open source IoT development framework from Espressif Systems. A buffer error vulnerability exists in Espressif IoT Development Framework versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and prior versions, which stems from insufficient validation of buffer siz...

CVE-2025-68474 ESF-IDF Has Out-of-Bounds Write in ESP32 Bluetooth AVRCP Vendor Command Handling

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, in the avrcvendormsg function of the ESP-IDF BlueDroid AVRCP stack, the allocated buffer size was validated using AVRCMINCMDLEN 20 bytes. However, the actual fixed...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from insufficient validation of the index buffer, which could lead to out-of-bounds reads...

CVE-2025-14409 Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

Soda PDF Desktop PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Soda PDF Desktop. User interaction is required to exploit this vulnerability in that the target must visit a...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990396)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990396 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size plparhcall, plparhcall9, and...

EUVD-2025-33326

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scanieslen for S1G Currently the S1G capability element is not taken into account for the scanieslen, which leads to a buffer length validation failure in ieee80211prephwscan and subsequent WARN in...

AZL-68331 CVE-2025-39957 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scanieslen for S1G Currently the S1G capability element is not taken into account for the scanieslen, which leads to a buffer length validation failure in ieee80211prephwscan and subsequent WARN in...

UBUNTU-CVE-2025-39957

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scanieslen for S1G Currently the S1G capability element is not taken into account for the scanieslen, which leads to a buffer length validation failure in ieee80211prephwscan and subsequent WARN in...

CVE-2025-39957 wifi: mac80211: increase scan_ies_len for S1G

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: increase scanieslen for S1G Currently the S1G capability element is not taken into account for the scanieslen, which leads to a buffer length validation failure in ieee80211prephwscan and subsequent WARN in...

CVE-2025-39957

CVE-2025-39957 affects the Linux kernel wireless stack (wifi: mac80211) where S1G capability length was not accounted for in scan_ies_len, causing a buffer length validation failure in ieee80211_prep_hw_scan() and a WARN in __ieee80211_start_scan(). The fix adds S1G length to the calculation to e...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to consider the scanieslen length of the S1G capability element, which could lead to a buffer leng...