5 matches found
CVE-2026-31607
In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...
CLSA-2026-1776362968 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...
CLSA-2026-1776361748 Fix CVE(s): CVE-2026-0968
SECURITY UPDATE: heap read past bounds in sftpparselongname from malicious SFTP longname field - debian/patches/CVE-2026-0968.patch: validate longname pointer and longnamefield; bound string walks at NUL; fail if field not found - CVE-2026-0968...
CVE-2026-33987 FreeRDP: Persistent Cache bmpSize Desync - Heap OOB Write
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.24.2, in persistentcachereadentryv3 in libfreerdp/cache/persistent.c, persistent-bmpSize is updated before winpralignedrecalloc. If realloc fails, bmpSize is inflated while bmpData points to the old buffer. This...
GHSA-GQ2J-CR96-GVQX `MirrorPadGrad` heap out of bounds read
Impact If MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error. python import tensorflow as tf tf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' Patches We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec9...