469 matches found
EUVD-2026-26561
In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...
CVE-2026-31748
In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...
EUVD-2026-26560
In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...
CVE-2026-31747
CVE-2026-31747 affects the Linux kernel code path for comedi me4000 firmware loading. The vulnerability arises when me4000_xilinx_download() blindly trusts the firmware file format and reads a header length from the first 4 bytes into file_length, then reads data from offset 16 of length file_len...
CVE-2026-31747
In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...
PT-2026-36384
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the comedi ni atmio16d driver where the atmio16d detach handler function calls reset atmio16d unconditionally during a failed attach process. If the atmio16d attach...
PT-2026-36386
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The dt2815 driver crashes when attached to I/O ports without actual hardware present. This occurs because users can attach the driver to arbitrary I/O addresses via the 'COMEDI DEVCONFIG...
PT-2026-36382
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overrun can occur in the me4000 xilinx download function when loading firmware requested by request firmware. The function reads a data stream length from the first 4 bytes into...
PT-2026-36385
In the Linux kernel, the following vulnerability has been resolved: comedi: runflags cannot determine whether to reclaim chanlist syzbot reported a memory leak 1, because commit 4e1da516debb "comedi: Add reference counting for Comedi command handling" did not consider the exceptional exit case in...
PT-2026-36383
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overrun can occur in the me2600 xilinx download function when loading firmware requested by request firmware. The function reads a data stream length into the file length variab...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013759)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013759 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011223)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011223 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: fix divide-by-zero in comedibufmunge The comedibufmunge function performs a modulo...
CLSA-2026-1775779453 Fix of 68 CVEs
CVE-2025-39743 - jfs: truncate good inode pages when hard link is 0 CVE-2025-39743 CVE-2025-39685 - comedi: pcl726: Prevent invalid irq number CVE-2025-39685 CVE-2025-38713 - hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc CVE-2025-38713 CVE-2025-38699 - scsi: bfa: Double-free fix...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006798)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006798 advisory. In the Linux kernel, the following vulnerability has been resolved: comedi: vmk80xx: fix incomplete endpoint checking While vmk80xx does have endpoint checking...
ROS-20260407-73-0029
A vulnerability in the comedi driver of the Linux kernel is related to incorrect resource initialization. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260407-73-0030
A vulnerability in the comedi/drivers/pcl726.c component of the Linux operating system kernel is related to reading outside the allowed data buffer boundaries. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260407-73-0031
A vulnerability in the comedi driver of the Linux operating system kernel is related to information disclosure. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260403-73-0027
A vulnerability in the comedi/comedifops.c component of the Linux kernel is related to memory usage after it has been freed. Exploitation of the vulnerability allows an attacker to cause a denial of service...
ROS-20260317-73-0018
A vulnerability in the doinsnioctl function of the comedi component of the Linux kernel is related to incorrect resource initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
ROS-20260317-73-0021
A vulnerability in the drivers/comedi/drivers/das6402.c module of the Linux operating system kernel is related to a violation of the initial buffer boundary. Exploitation of the vulnerability could allow an attacker to cause a denial of service...