CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

CVE-2026-46088

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

CVE-2026-46088 ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()

In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...

CVE-2026-46088

ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the function sndctllem elememinit Enumnames does not perform a boundary check when...

PT-2026-43956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the ALSA control component within the snd ctl elem init enum names function. The function advances a pointe...

CVE-2026-43495 net: wwan: t7xx: validate port_count against message length in t7xx_port_enum_msg_handler

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

Astra Linux - уязвимость в linux-6.1, linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed an out-of-bounds read in sndusbgetaudioformatuac3 In sndusbgetaudioformatuac3, the length value returned from sndusbctlmsg is used directly for memory allocation without validation. This length is controlle...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux

In the Linux kernel, the following vulnerability has been resolved: Wifi: ath9khtc: Use skbsetlength to reset urb before resubmitting it. Syzbot points out that skbtrim has a sanity check on the existing length of the skb; this length might not be initialized in some error-prone situations. The...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fixed the handling of the host-controlled quote buffer length. The host-controlled value quotebuf-outlen is validated to determine how many bytes of the quote are copied to the guest userspace. In TDX environment...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Wifi: mac80211 – Increase scanieslen for S1G. Currently, the S1G capability element is not taken into consideration when calculating scanieslen, which results in a buffer length validation failure in the ieee80211prephwscan...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: check that the event count does not exceed the event buffer length The event count is read from the register DWC3GEVNTCOUNT. There is a check to ensure that the count is zero, but no check is performed to ensur...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fixed a 1-byte out-of-bounds read in uvcparseformat. The check for the buffer length before calling uvcparseformat only ensured that the buffer contained at least 3 bytes buflen 2. However, the function accesses...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: Fixed the issue where no check was performed to determine whether skb actually contained an ACL header. Otherwise, the code might attempt to access uninitialized/invalid memory beyond the valid skb-data...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validates buffer length during parsing of the index. The indxread function is called when there are certain NTFS directory operations that require more information from the index buffers. This adds a sanity check to...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: net: qrtr: Fixed a bug related to access to the uninit variable in qrtrtxresume. Syzbot reported the following bugs: ===================================================== BUG: KMSAN: uninit-value in qrtrtxresume+0x185/0x1f0...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: netrom: Check the buffer length before accessing it. Syzkaller reports an uninit value being read from ax25cmp when sending raw messages through the ieee802154 implementation.================================================BUG...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdCompleteevt, if the command completion event has an unknown opcode, we assume that the first byte of the remaining skb-data contains the return status...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the BPF code, ensure that skb-len != 0 when redirecting a packet to a tunneling device. The syzkaller function managed to trigger another case where skb-len == 0 when entering devqueuexmit. WARNING: CPU: 0, PID: 2470; Location...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Corrected the incorrect validation of the next buffer length in smb2setea. There are multiple smb2eainfo buffers in the FILEFULLEAINFORMATION request from the client. ksmbd uses the NextEntryOffset of the current...