264 matches found
kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: In the “block” layer, do not call “rqqosops-donebio” if the bio data structure is not being tracked. The “rqqos” framework is only applied on request-based drivers. Therefore: 1 The “rqqosdonebio” function is not necessary for...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net: mana: Fixed a race condition related to the per-CQ variable napiworkdone. After calling napicompletedone, the NAPIFSTATESCHED bit may be cleared, allowing another CPU to start a napi thread and access the per-CQ variable...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nvmet: A race condition in nvmetbiodone has been fixed; this race condition can lead to a NULL pointer dereferencing. There is a race condition in nvmetbiodone that can cause a NULL pointer dereference in blkcgroupbiostart: 1...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: net/handshake: fixed null-ptr-deref in handshakenldonedoit We should not call tracehandshakecmddoneerr if the socket lookup fails. We should also call tracehandshakecmddoneerr before releasing the file; otherwise, dereferencin...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: libceph: Defined and enforced the CEPHMAXKEYLEN. When decoding the key, verify that the key material fits into a fixed-size buffer in processauthdone, and that its length is reasonable. The new CEPHMAXKEYLEN check replaces the...
kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...
kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...
kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...
PT-2026-43948
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the Linux kernel crypto acomp component. The function acomp save req incorrectly stores the address of the chain member &req-chain in req-base.data...
kernel: libceph: prevent potential out-of-bounds reads in handle_auth_done()
In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog...
SUSE CVE-2026-43304
In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPHMAXKEYLEN When decoding the key, verify that the key material would fit into a fixed-size buffer in processauthdone and generally has a sane length. The new CEPHMAXKEYLEN check replaces the existin...
CVE-2026-43304
In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPHMAXKEYLEN When decoding the key, verify that the key material would fit into a fixed-size buffer in processauthdone and generally has a sane length. The new CEPHMAXKEYLEN check replaces the existin...
CVE-2026-43304 libceph: define and enforce CEPH_MAX_KEY_LEN
In the Linux kernel, the following vulnerability has been resolved: libceph: define and enforce CEPHMAXKEYLEN When decoding the key, verify that the key material would fit into a fixed-size buffer in processauthdone and generally has a sane length. The new CEPHMAXKEYLEN check replaces the existin...
EUVD-2026-27580
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...
CVE-2026-43085
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the uninitialized payload of NLMSGDONE in the nfnetlinklog, leading to a leak of kernel heap data...
Astra Linux – Vulnerability in Linux, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: btrfs: Fixed memory ordering between normal and ordered work functions. Ordered work functions are not guaranteed to be handled by the same thread that executes the normal work functions. The only way to synchronize execution...
SUSE CVE-2026-31534
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2026-31534
No description is available for this CVE...