CVE-2026-53146

CVE-2026-53146 describes a Linux kernel Thunderbolt XDomain issue where tb_xdomain_copy() copies req->response_size bytes from the DMA buffer regardless of the actual frame size. When a short response arrives, this can read past valid frame data into stale contents from previous transactions. ...

SUSE CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

CVE-2026-46281 vmalloc: fix buffer overflow in vrealloc_node_align()

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vreallocnodealign Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

PT-2026-47353

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow exists in the vrealloc node align function. When a request is made to shrink an allocation size old size and a new allocation is required due to NUMA node or alignment...

EUVD-2026-24618

Integer overflow in output tensor copy size calculation in Samsung Open Source ONE could cause incorrect copy length and memory corruption for oversized tensors. Affected version is prior to commit 1.30.0...

CLSA-2026-1775689506 libarchive: Fix of CVE-2024-20696

CVE-2024-20696: fix heap buffer overflow via negative copy length in RAR4 reader...

CLSA-2026-1775647149 libarchive: Fix of CVE-2024-20696

CVE-2024-20696: fix heap buffer overflow via negative copy length in RAR4 reader...

CVE-2026-23059

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

PT-2026-6129

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the scsi subsystem, specifically in the qla2xxx driver. The qla27xx copy fpin pkt and qla27xx copy multiple pkt functions use the frame size...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993287)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993287 advisory. In the Linux kernel, the following vulnerability has been resolved: spmi: trace: fix stack-out-of-bound access in SPMI tracing functions tracespmiwritebegin and...

UBUNTU-CVE-2025-68352

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min32, trans-len + 1', which includes the 1-byte command header...

UBUNTU-CVE-2025-40056

In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fix copytoiter return value check The return value of copytoiter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values...

EUVD-2023-59941

Malicious code in bioql PyPI...

SUSE CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

DEBIAN-CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

CVE-2023-53320

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

CVE-2023-53320 scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info()

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mrgetalltgtinfo The function mpi3mrgetalltgtinfo has four issues: 1 It calculates valid entry length in alltgtinfo assuming the header part of the struct mpi3mrdevicemapinfo would equal to sizeofu3...

SUSE CVE-2025-37911

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix out-of-bound memcpy during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in bnxtgetcoredump+0x3ef/0x670 bnxten Corrupted memory at...

DEBIAN-CVE-2025-37911

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix out-of-bound memcpy during ethtool -w When retrieving the FW coredump using ethtool, it can sometimes cause memory corruption: BUG: KFENCE: memory corruption in bnxtgetcoredump+0x3ef/0x670 bnxten Corrupted memory at...

PT-2025-22173

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue has been identified in the Linux kernel, specifically in the bnxt en module, when retrieving the FW coredump using ethtool. This can cause memory corruption due...