CVE-2026-49319

CVE-2026-49319 concerns a roll-back attack on a Remote Keyless Entry System (RKES) using the 433 MHz key fob with FCC ID CWTR53R0 from ALPS ALPINE CO., LTD. The described vulnerability allows an attacker within RF range to record two consecutive lock/unlock transmissions and replay them to cause ...

EUVD-2026-39417

Remote Keyless Entry System RKES, using the 433 MHz key fob bearing FCC ID CWTR53R0 manufactured by ALPS ALPINE CO., LTD., is vulnerable to a roll-back attack against its rolling-code authentication. An attacker within RF range who records two consecutive lock or unlock transmissions from a...

CVE-2026-53256

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: hold listener socket in rfcommconnectind rfcommgetsockbychannel scans rfcommsklist under the list lock, but returns the selected listener after dropping that lock without taking a reference. rfcommconnectind th...

EUVD-2026-38887

In the Linux kernel, the following vulnerability has been resolved: clk: spacemit: ccumix: fix inverted condition in ccumixtriggerfc Fix inverted condition that skips frequency change trigger, causing kernel panics during cpufreq scaling...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Staging: iio: frequency: ad9834: Validate frequency parameter value In ad9834writefrequency, clkgetrate may return 0. In such cases, the call to ad9834calcfreqreg will result in a division by zero. Checking if fout clkfreq / 2 do...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limits the number of signal/freq counts in summary output functions. The debugfs summary output could access uninitialized elements in the freqin and signalout arrays, leading to NULL pointer dereferences and triggering...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: Set buffer sampling frequency for accelerometer only The stlsm6dsxhwfifoodrstore function, which is called when the user space writes the buffer sampling frequency sysfs attribute, calls stlsm6dsxcheckodr. Th...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: mmcc-msm8974: fix terminating of frequency table arrays. The frequency table arrays are supposed to be terminated with an empty element. Add such an entry to the end of the arrays where it is missing, in order to avoid...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Staging: iio: frequency: ad9832: fixed division by zero in ad9832calcfreqreg. In the ad9832writefrequency function, clkgetrate might return 0. This can lead to a division by zero when calling ad9832calcfreqreg. The check if fout...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: iio: proximity: hx9023s: Protect against division by zero in setsampfreq Avoid division by zero when the sampling frequency is not specified...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Media: dvb-frontends: tda10048 – Fixed integer overflow. state-xtalhz can be up to 16M; when multiplied by pllmfactor, it may cause an integer overflow of 32 bits. A new 64-bit variable was created to store the calculated values...

Astra Linux – Vulnerability in Linux, Linux 5.10

Rogue backends can cause Denial of Service DoS attacks on guests through high-frequency events. This CNA information record relates to multiple Common Vulnerabilities and Exposures CVEs; the text explains which aspects/vulnerabilities correspond to which CVEs. Xen allows for the execution of PV...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: The segfault caused by PEBS-via-PT with a sample frequency has been fixed. Currently, using PEBS-via-PT with a sample frequency instead of a sample period causes a segfault. For example: BUG: Kernel NULL pointer...

wireshark: Buffer Over-read in Wireshark

A flaw was found in the RF4CE Profile dissector in Wireshark. This issue occurs when malformed packets are decoded from a pcap file or the network, causing a buffer over-read, resulting in a denial of service...

CVE-2026-5233

Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...

PT-2026-49235

Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250...

SUSE CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

UBUNTU-CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

CVE-2026-46282 iio: frequency: admv1013: fix NULL pointer dereference on str

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...