474 matches found
Gitlab CE/EE 13.4 - 13.6.2 - Information Disclosure
GitLab CE and EE 13.4 through 13.6.2 is susceptible to Information disclosure via GraphQL. User email is visible. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2020-26413 info:...
CVE-2026-46088
A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA control component. Improper validation of the buffer length before a string length operation in the sndctleleminitenumnames function can lead to a system panic. This vulnerability could allow a local attacker to trigger...
CVE-2026-46088
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...
UBUNTU-CVE-2026-46088
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...
EUVD-2026-32471
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...
CVE-2026-46088
The CVE-2026-46088 entry concerns the Linux kernel ALSA control code. The issue occurs in snd_ctl_elem_init_enum_names() as it advances a pointer through a names buffer while decrementing buf_len; when buf_len hits zero but items remain, a subsequent strnlen(p, 0) could be triggered. Fortify chec...
CVE-2026-46088
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...
CVE-2026-46088 ALSA: control: Validate buf_len before strnlen() in snd_ctl_elem_init_enum_names()
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...
CVE-2026-46088
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames sndctleleminitenumnames advances pointer p through the names buffer while decrementing buflen. If buflen reaches zero but items remain, the next iteration...
SUSE CVE-2025-48734
Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default...
CVE-2026-46088
ALSA: control: Validate buflen before strnlen in sndctleleminitenumnames...
PT-2026-43956
In the Linux kernel, the following vulnerability has been resolved: ALSA: control: Validate buf len before strnlen in snd ctl elem init enum names snd ctl elem init enum names advances pointer p through the names buffer while decrementing buf len. If buf len reaches zero but items remain, the nex...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: rx-macro: fixed an issue where accessing an array was done outside the bounds of the array for an enum type. Accessing enums using integers would result in accessing an array outside its bounds on platforms like...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: rustbinder: Properly handles FDA objects with a length of zero. A bug has been fixed where an empty FDA fd array object with 0 fds could cause an out-of-bounds error. The previous implementation used skip == 0 to indicate “this i...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed the type of the second parameter in the odneditdpmtable callback. With Clang’s kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer...
CLSA-2026-1778237657 binutils: Fix of 4 CVEs
CVE-2025-5244: fix ld segfault on fuzzed object via NULL group head - CVE-2025-5245: fix segv in objdump debugtypesamep and debugwritetype on incomplete enum types - CVE-2026-3441: fix xcofflink XTYLD xscnlen out-of-bounds index - CVE-2026-3442: fix xcofflink rsymndx out-of-bounds sym hash index...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: Fix ERRPTR dereference in uvcv4l2.c Fix potential dereferencing of ERRPTR in findformatbypix and uvcv4l2enumformat. Fix the following smatch errors: drivers/usb/gadget/function/uvcv4l2.c:124 findformatbypix erro...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: The inode is marked as “bad” as soon as an error is detected using the mienumattr function. The interface of the miEnumAttr function was extended by adding an additional parameter, struct ntfsinode ni. This allows the...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix array underflow in pciendpointtestioctl Commit eefb83790a0d "misc: pciendpointtest: Add doorbell test case" added NOBAR -1 to the pcibarno enum which, in practical terms, changes the enum from an unsign...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: ASoC: Codecs: va-macro: Fix for accessing an array out of bounds for an enum type. Accessing enums using integers would result in accessing an array out of bounds on platforms like aarch64, where sizeoflong is 8 compared to the...