CVE-2026-53208 Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

PT-2026-36399

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access occurs in the st lsm6dsx hwfifo odr store function when userspace writes to the buffer sampling frequency sysfs attribute. This function calls st lsm6dsx check od...

OSV-2026-97 Heap-buffer-overflow in vpx_wb_write_literal

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=476466137 Crash type: Heap-buffer-overflow WRITE 1 Crash state: vpxwbwriteliteral vp9packbitstream encodeframetodatarate...

CVE-2025-12035 Bluetooth: Integer Overflow in Bluetooth Classic (BR/EDR) L2CAP

An integer overflow condition exists in Bluetooth Host stack, within the btbraclrecv routine a critical path for processing inbound BR/EDR L2CAP traffic...

EUVD-2025-35839

In the Linux kernel, the following vulnerability has been resolved: can: peakusb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 which is the case for PC CAN FD interfaces supported by this driver. mkl: update subject, apply...

Phoenix: Rowhammer Attacks on DDR5 Memory

Mitigation AMD released updated Platform Initialization PI packages to the Original Equipment Manufacturers OEM for AMD Ryzen™ Series processors. These updates allow customers to enable Mixed Refresh Mode, which is an existing DRAM workaround to rowhammer-style attacks. Please contact your OEM fo...

SK Hynix DDR5 安全漏洞

SK Hynix DDR5 is a double data rate synchronous dynamic random access memory from SK Hynix South Korea. A security vulnerability exists in SK Hynix DDR5 versions 2021-1 through 2024-12, which originates from a local attacker who can trigger a Rowhammer bit flip, potentially impacting hardware...

The Trip to ZigBee Backscatter across a Decade, a Systematic Review

The field of backscatter communication has undergone a profound transformation, evolving from a niche technology for radio-frequency identification RFID into a sophisticated paradigm poised to enable a truly battery-free Internet of Things IoT. This evolution is built upon a deepening understandi...

CVE-2025-4821

Impact Cloudflare quiche was discovered to be vulnerable to incorrect congestion window growth, which could cause it to send data at a rate faster than the path might actually support. An unauthenticated remote attacker can exploit the vulnerability by first completing a handshake and initiating ...

quiche 安全漏洞

quiche is a Cloudflare open source implementation of the IETF-designated QUIC transport protocol and HTTP/3. A security vulnerability exists in quiche that stems from an improperly growing congestion window that could cause data to be sent at a rate that exceeds the path support capability...

DEBIAN-CVE-2024-50232

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124setchannelodr In the ad7124writeraw function, parameter val can potentially be zero. This may lead to a division by zero when DIVROUNDCLOSEST is called within ad7124setchannelodr. T...

UBUNTU-CVE-2024-50232

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124setchannelodr In the ad7124writeraw function, parameter val can potentially be zero. This may lead to a division by zero when DIVROUNDCLOSEST is called within ad7124setchannelodr. T...

kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses

A flaw was found in Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4. This issue may allow certain man-in-the-middle attacks that force a short key length and might lead to discovery of the encryption key and live...

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets that originates from a denial of service issue in Core when a DDR memory check is called and DDR is not initialized...

PT-2023-13275 · Core · Core

Name of the Vulnerable Software and Affected Versions: Core affected versions not specified Description: The issue is related to memory corruption caused by integer overflow or wraparound in Core during DDR memory assignment. Recommendations: At the moment, there is no information about a newer...

Ddr4 Dram 安全漏洞

Ddr4 Dram is a synchronous dynamic random access memory. A security vulnerability exists in DDR4 DRAM that originated in the product that allows an unprivileged system user to use a Rowhammer attack variant to trigger bit corruption across memory spaces. An attacker could cause a denial of servic...

Design/Logic Flaw

Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software 6.4.0.2900 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a fi...

Lenovo ThinkPad Bluetooth with Enhanced Data Rate Arbitrary DLL Injection Code Execution Vulnerability

The remote host has a version of Lenovo ThinkPad Bluetooth with Enhanced Data Rate installed that uses fixed paths for including DLL files that may not be trusted. By tricking a user into opening a file in a directory accessible by an attacker, it may be possible to inject and execute code from...

Lenovo ThinkPad Bluetooth with Enhanced Data Rate Detection

The remote host has Lenovo ThinkPad Bluetooth with Enhanced Data Rate installed, a set of drivers and tools for managing Bluetooth connections on Lenovo ThinkPad computers. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65985; scriptversion"1.8";...

Vulnerability in Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software Could Allow Arbitrary Code Execution

Executive Summary Microsoft is providing notification of the discovery and remediation of a vulnerability affecting Lenovo ThinkPad Bluetooth with Enhanced Data Rate Software version 6.4.0.2900 and earlier versions. Microsoft discovered and disclosed the vulnerability under coordinated...