Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: wifi: p54: prevent buffer-overflow in p54rxeepromreadback Robert Morris reported: |If a malicious USB device pretends to be an Intersil p54 wifi |interface and generates an eepromreadback message with a large |eeprom-v1.len,...

Linux Distros Unpatched Vulnerability : CVE-2026-31748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to...

CVE-2026-31747

A flaw was found in the Linux kernel's comedi: me4000 driver. The me4000xilinxdownload function fails to validate the length of the firmware data stream, trusting the value provided in the firmware header. A local attacker could exploit this by providing a specially crafted firmware image, leadin...

CVE-2026-31748 comedi: me_daq: Fix potential overrun of firmware buffer

In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...

CVE-2026-31748

CVE-2026-31748 (Linux kernel, comedi me_daq) : A firmware-overrun was fixed in the me2600_xilinx_download() path used by request_firmware(). The code trusts the firmware header and reads file_length from the first 4 bytes, then copies file_length bytes from offset 16 without verifying the data st...

EUVD-2026-26560

In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...

CVE-2026-31747

CVE-2026-31747 affects the Linux kernel code path for comedi me4000 firmware loading. The vulnerability arises when me4000_xilinx_download() blindly trusts the firmware file format and reads a header length from the first 4 bytes into file_length, then reads data from offset 16 of length file_len...

PT-2026-36383

In the Linux kernel, the following vulnerability has been resolved: comedi: me daq: Fix potential overrun of firmware buffer me2600 xilinx download loads the firmware that was requested by request firmware. It is possible for it to overrun the source buffer because it blindly trusts the file...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38428)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38428 advisory. - In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in...

SUSE CVE-2022-50763

In the Linux kernel, the following vulnerability has been resolved: crypto: marvell/octeontx - prevent integer overflows The "codelength" value comes from the firmware file. If your firmware is untrusted realistically there is probably very little you can do to protect yourself. Still we try to...

Astra Linux - уязвимость в u-boot

There exists an unchecked length field in UBoot. The U-Boot DFU implementation does not bound the length field in USB DFU download setup packets, and it does not verify that the transfer direction corresponds to the specified command. Consequently, if a physical attacker crafts a USB DFU download...

SUSE CVE-2023-53589

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware nchannels If the firmware sends us a corrupted MCC response with nchannels much larger than the command response can be, we might copy far too much uninitialized memory and even crash if t...

UBUNTU-CVE-2025-38428

In the Linux kernel, the following vulnerability has been resolved: Input: ims-pcu - check record size in imspcuflashfirmware The "len" variable comes from the firmware and we generally do trust firmware, but it's always better to double check. If the "len" is too large it could result in memory...

PT-2022-10436 · Qualcomm · Snapdragon Auto +4

Name of the Vulnerable Software and Affected Versions: Snapdragon Auto affected versions not specified Snapdragon Compute affected versions not specified Snapdragon Connectivity affected versions not specified Snapdragon Industrial IOT affected versions not specified Snapdragon Mobile affected...