FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. There is a security vulnerability in FreeBSD, which stems from the lack of verification that the socket descriptors are within the FDSETSIZE limit, potentially leading to stack corruption. If the target application runs...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: HID: cougar – fixed a slab-out-of-bounds read in cougarreportfixup. The reportfixup function for the Cougar 500k Gaming Keyboard did not verify that the size of the report descriptor was correct before accessing it...

Astra Linux - уязвимость в opencv

A issue was discovered in OpenCV 4.1.0. There is a divide-by-zero error in cv::HOGDescriptor::getDescriptorSize in the modules/objdetect/src/hog.cpp module...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in a report descriptor that is smaller than 607 bytes. mtreportfixup attempts...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerabilities have been resolved: dmaengine: zynqmpdma: In the struct zynqmpdmachan, the descsize data type was fixed. In the zynqmpdmaalloc/freechanresources functions, there is a potential overflow in the following expressions: dmaalloccoherentchan-dev, 2...

EUVD-2026-24913

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

CVE-2026-31524

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

CVE-2026-31524

CVE-2026-31524 affects the Linux kernel HID ASUS driver. The asus_report_fixup() function allocated memory with kmemdup() but did not free it, causing a memory leak; the fix switches to devm_kzalloc() so memory is automatically freed with the device. A harmless out-of-bounds read was also correct...

PT-2026-34429

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the asus report fixup function, which returns a buffer allocated via kmemdup without subsequently freeing it. Additionally, an out-of-bounds read exists where the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002733)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002733 advisory. An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to...

kernel: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

A flaw exists in the Linux kernel’s HID multitouch driver function mtreportfixup in drivers/hid/hid-multitouch.c. A malicious HID device may supply a report descriptor smaller than 607 bytes; the function then attempts to access and patch byte offset 607 without first verifying the descriptor...

kernel: HID: multitouch: fix slab out-of-bounds access in mt_report_fixup()

A flaw exists in the Linux kernel’s HID multitouch driver function mtreportfixup in drivers/hid/hid-multitouch.c. A malicious HID device may supply a report descriptor smaller than 607 bytes; the function then attempts to access and patch byte offset 607 without first verifying the descriptor...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989817)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989817 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: zynqmpdma: In struct zynqmpdmachan fix descsize data type In...

CVE-2025-39948

In the Linux kernel, the following vulnerability has been resolved: ice: fix Rx page leak on multi-buffer frames The iceputrxmbuf function handles calling iceputrxbuf for each buffer in the current frame. This function was introduced as part of handling multi-buffer XDP support in the ice driver...

EUVD-2025-29608

Malicious code in bioql PyPI...

EUVD-2025-28952

Malicious code in bioql PyPI...

SUSE CVE-2025-39806

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...

Linux Distros Unpatched Vulnerability : CVE-2025-39806

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in repor...

AZL-74700 CVE-2025-39806 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...

CVE-2025-39806

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...