EUVD-2026-38726

In the Linux kernel, the following vulnerability has been resolved: ipc: limit nextid allocation to the valid ID range The checkpoint/restore sysctl path can request the next SysV IPC id through ids-nextid. ipcidralloc currently forwards that request to idralloc with an open-ended upper bound. If...

CVE-2026-52923

CVE-2026-52923 concerns the Linux kernel and a bug in the checkpoint/restore path related to SysV IPC id allocation. The issue occurs when ids->next_id is passed to idr_alloc() with an open-ended upper bound, allowing the valid tail of the IPC id space to spill past ipc_mni. The result can be ...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: landlock: Fixed the warning from KUnit tests getidrange expects a positive value as its first argument, but getrandomu8 can return 0. This issue was fixed by clamping the value. This was validated by running the test 1000 time...

SUSE CVE-2025-71100

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfilldesc TID getting from ieee80211gettid might be out of range of array size of staentry-tids, so check TID is less than MAXTIDCOUNT. Othwerwise, UBSAN warn: UBSAN:...

CVE-2019-2301

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W,...

SUSE CVE-2025-38651

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests getidrange expects a positive value as first argument but getrandomu8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVE-2025-38651

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests getidrange expects a positive value as first argument but getrandomu8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVE-2025-38651

Summary: CVE-2025-38651 concerns the Linux kernel landlock component. A bug in get_id_range() could receive a non-positive value because get_random_u8() may return 0, triggering an unsafe first argument. The fix clamps the value to ensure positivity. The vulnerability was discussed in kernel-land...

CVE-2025-38651 landlock: Fix warning from KUnit tests

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests getidrange expects a positive value as first argument but getrandomu8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

CVE-2025-38651

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix warning from KUnit tests getidrange expects a positive value as first argument but getrandomu8 can return 0. Fix this by clamping it. Validated by running the test in a for loop for 1000 times. Note that MAX is wron...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the landlock KUnit test where getidrange may receive a value of 0, resulting in a warning...

PT-2025-34412 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 6.16.0-rc1-dev-00001-g314a2f98b65f and earlier Description: A flaw was identified in the Linux kernel related to landlock functionality. Specifically, the get id range function was susceptible to receiving a zero value a...

UBUNTU-CVE-2024-42133

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Ignore too large handle values in BIG hcilebigsyncestablishedevt is necessary to filter out cases where the handle value is belonging to ida id range, otherwise ida will be erroneously released in hciconncleanup...