Lucene search
K

90 matches found

SUSE CVE
SUSE CVE
added 2026/06/26 2:10 a.m.8 views

SUSE CVE-2026-53202

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...

7.8CVSS6AI score0.00153EPSS
Exploits0References3
NVD
NVD
added 2026/06/25 9:16 a.m.9 views

CVE-2026-53202

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...

7.8CVSS0.00153EPSS
Exploits0References7
CVE
CVE
added 2026/06/25 8:39 a.m.27 views

CVE-2026-53202

The CVE-2026-53202 issue affects the Linux kernel component accel/ivpu in IPC receive handling. It describes a signed integer truncation when data_size from firmware is cast to a signed int, leading to a potential unsigned wraparound with large values (≥ 0x80000000). This could enable oversized m...

7.8CVSS6AI score0.00153EPSS
Exploits0References7Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/25 12:0 a.m.9 views

PT-2026-52298

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the accel/ivpu component where firmware-supplied data size is cast to a signed integer before being processed by the min t function. When large unsigned values greater...

7.8CVSS6.1AI score0.00153EPSS
Exploits0References17
CVE
CVE
added 2026/06/24 4:29 p.m.9 views

CVE-2026-53022

The CVE-2026-53022 issue affects the Linux kernel (platform/x86: dell-wmi-sysman). The vulnerability arises in populate_enum_data(), where firmware-provided value-modifier and possible-value strings are appended with raw strcat() into fixed 512-byte members, after per-source bounds checks, enabli...

5.8AI score0.00172EPSS
Exploits0References7
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: Octeontx2-af: Added proper checks for fwdata. Firmware populates the MAC address, link modes supported, advertised, and EEPROM data in the shared firmware structure. Kernel access is allowed via the MAC block CGX/RPM. Accessin...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: mt76: mt7921s: fixed a possible memory leak in mt7921loadpatch. The fw data should always be released at the end of the mt7921loadpatch routine...

5.5CVSS6.3AI score0.00209EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ASoC: SOF: Added bounds checking to firmware data. Smatch complains that “head-fullsize – head-headersize” can cause underflow. To some extent, we will always have to trust the firmware. However, it’s easy to add checks for...

8.4CVSS5.7AI score0.00293EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: wifi: brcmfmac: Fixed a potential stack-out-of-bounds situation in brcmfcpreinitdcmds. This patch fixes a read operation that leads to a stack-out-of-bounds condition when the buffer ‘buf’ that is not null-terminated is passed...

7.8CVSS6.5AI score0.00153EPSS
Exploits0References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevention of certain integer underflows My static checker reports the following issue: drivers/infiniband/hw/irdma/ctrl.c:3605 irdmascceqinit Warning: Can subtract underflow for ‘info-dev-hmcfpmmisc.maxceqs’? It seem...

5.5CVSS6.2AI score0.00252EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.11 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: edk2 (UTSA-2026-017475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017475 advisory. BootPerformanceTable pointer is read from an NVRAM variable in PEI. Recommend setting PcdFirmwarePerformanceDataTableS3Support to FALSE. Tenable has extracted the...

7.8CVSS6.7AI score0.00423EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/05/09 2:39 a.m.12 views

SUSE CVE-2026-43277

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/05/07 12:19 a.m.14 views

CVE-2026-43277

A flaw was found in the Linux kernel's ACPI Platform Error Interface APEI Generic Hardware Error Source GHES subsystem. A malicious firmware could send error data that is larger than the memory allocated by the kernel. This out-of-bounds write can lead to a kernel panic, effectively causing a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4
NVD
NVD
added 2026/05/06 12:16 p.m.25 views

CVE-2026-43277

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

5.5CVSS0.00114EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.37 views

CVE-2026-43277 APEI/GHES: ensure that won't go past CPER allocated record

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

0.00114EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/05/06 11:28 a.m.9 views

CVE-2026-43277

In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than GHESESTATUSMAXSIZE currently, 64KB. Yet, the allocation is done with the...

5.7AI score0.00114EPSS
Exploits0References9Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-43277

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - APEI/GHES: ensure that won't go past CPER allocated record The logic at ghesnew prevents allocating too large records, by checking if they're bigger than...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.7 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013555 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The codelength value comes from the firmware...

5.8AI score0.00209EPSS
Exploits0References4
Snyk
Snyk
added 2026/04/16 1:31 a.m.11 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write in the ReadCLen function of the Tiano decompressor. An attacker can cause a crash by supplying specially crafted compressed firmware data that triggers a heap out-of-bounds write during decompression. Remediation...

8.8CVSS5.5AI score
Exploits0References2
CVE
CVE
added 2026/02/10 7:15 p.m.13 views

CVE-2025-29946

Technical details about CVE-2025-29946 (affected product/component/versions/root cause/patch) are not publicly provided in the supplied documents. Monitor for updates from vendors (AMD, OSV, Red Hat, Ubuntu, etc.) before assessing risk or remediation.

4.5CVSS5.5AI score0.0014EPSS
Exploits0References1
Rows per page
Query Builder