67 matches found
CVE-2026-53016
Summary of CVE-2026-53016 (Linux kernel): The vulnerability exists in the crypto CCP driver when handling AF_ALG rfc3686-ctr-aes-ccp requests. The function ccp_aes_complete() restores AES_BLOCK_SIZE bytes into the caller’s IV buffer, but RFC3686 skciphers expose an 8-byte IV, leading to a buffer ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ubifswbufwritenolock: A read out-of-bounds issue exists in this function. This issue occurs when ubifswbufwritenolock attempts to access memory beyond the allocated bounds of the buffer buf. Here’s an example of how this issue...
CVE-2026-48961
A flaw was found in the zipdetails command-line interface CLI tool, bundled with IO::Compress for Perl. When processing a specially crafted Info-ZIP Unix Extra Field with an 8-byte User ID UID or Group ID GID, the zipdetails tool attempts to call an undefined subroutine. This can lead to the tool...
CVE-2026-46114
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMICWRITE payloads atomicwritereply at drivers/infiniband/sw/rxe/rxeresp.c unconditionally dereferences 8 bytes at payloadaddrpkt: value = u64 payloadaddrpkt; checkrkey previously accepted an...
CVE-2026-46114 RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMICWRITE payloads atomicwritereply at drivers/infiniband/sw/rxe/rxeresp.c unconditionally dereferences 8 bytes at payloadaddrpkt: value = u64 payloadaddrpkt; checkrkey previously accepted an...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RDMA rxe driver not rejecting non-8-byte AtomicWrite payloads, potentially leading to remote...
SUSE CVE-2026-48961
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
CVE-2026-48961
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
UBUNTU-CVE-2026-48961
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
CVE-2026-48961
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
EUVD-2026-32044
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
CVE-2026-48961 IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
CVE-2026-48961 IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...
PT-2026-43487
Name of the Vulnerable Software and Affected Versions IO::Compress versions 2.207 through 2.219 Description The bundled zipdetails CLI tool crashes when processing an Info-ZIP Unix Extra Field tag 0x7875 where the UID Size or GID Size is set to 8. This occurs because the decode ux function trigge...
Linux Distros Unpatched Vulnerability : CVE-2026-48961
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-by...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: tipc: fixed an information leak in tipctopsrvkernsubscr A 8-byte write was used to initialize the sub.usermHandle in tipctopsrvkernsubscr. Otherwise, four bytes remained uninitialized when calling setsockopt..., SOLTIPC,...
OESA-2026-2234 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Force 8-byte alignment for JIT buffer to prevent atomic tearing struct bpfplt contains a u64 target field. Currently, the BPF JIT allocator requests ...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006915)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006915 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011016)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011016 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix an information leak in tipctopsrvkernsubscr Use a 8-byte write to initialize...
CVE-2026-20202 Improper Input Validation during User Account Creation in Splunk Enterprise
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...