Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat function with FORTIFY support triggers a panic because it assumes that the target buffer will overflow, even though the correct target buffer size is provided. In any case,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: avoid struct memcpy overrun warning A previous patch addressed the fortified memcpy warning for most builds, but I still encounter this issue with gcc-9: In the file included from include/linux/string.h:254, from...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: ovl: Use the “buf” flexible array as the destination for memcpy. The “buf” flexible array must be used as the destination for memcpy to avoid false positive run-time warnings caused by the recent FORTIFYSOURCE hardening measures:...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: The crash in timerlatdumpstack has been fixed. We have observed kernel panics when using timerlat with stack saving, with the following dmesg output: memcpy: detected buffer overflow: 88 bytes written to a buffer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid field-overflowing memcpy In preparation for FORTIFYSOURCE, we are performing compile-time and run-time field bounds checking for memcpy, memmove, and memset. Avoid intentionally writing across neighboring fields...

SUSE CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

DEBIAN-CVE-2026-11793

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

EUVD-2026-35423

A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute values. An attacker with Directory Manager privileges can...

samba security update

4.19.4-16.0.1 - s3: winbindd: winbinddpam: fix leak in extractpacvrfysigs Orabug: 36518285 - s3:passdb: Do not leak memory in pdbtdb Orabug: 36371377 - Gluster volumes not accessible via Samba due to missing samba-vfs-glusterfs in OL8 Orabug: 30205755 4.19.4-16 - resolves: RHEL-156322 - Fix...

CVE-2026-46149

A flaw was found in the Linux kernel's SCSI target subsystem. This vulnerability, a buffer overflow, occurs in the tgptgpmembersshow function when processing long iSCSI IQN names. An attacker could potentially exploit this by providing a specially crafted input, leading to the disclosure of...

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

UBUNTU-CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

Summary: CVE-2026-46149 affects the Linux kernel SCSI target subsystem, specifically the configfs path in tg_pt_gp_members_show(). The function formats LUN paths with snprintf() into a 256-byte stack buffer and then copies cur_len bytes via memcpy(), but snprintf() may return a length that exceed...

PT-2026-44272

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow occurs in the target tg pt gp members show function when formatting LUN paths using snprintf into a 256-byte stack buffer. Because iSCSI IQN names can reach 223 bytes,...

SUSE CVE-2026-44071

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFYSOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection...

CVE-2026-44071

A flaw was found in Netatalk. This issue arises because the software is compiled without FORTIFYSOURCE, a security feature that provides built-in buffer overflow detection at runtime. A remote attacker could exploit this by triggering memory errors that would otherwise be safely handled, leading ...

CVE-2026-44071

Netatalk 3.1.2 through 4.4.2 is compiled without FORTIFYSOURCE, which disables built-in buffer overflow detection at runtime, potentially allowing a remote attacker to cause a minor denial of service via memory errors that would otherwise be caught and safely terminated by runtime protection...