UBUNTU-CVE-2026-45974

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix invalid leaf access in btrfsquotaenable if ref key not found If btrfssearchslotforread returns 1, it means we did not find any key greater than or equals to the key we asked for, meaning we have reached the end of the...

PT-2026-34368

In the Linux kernel, the following vulnerability has been resolved: iomap: fix invalid folio access when i blkbits differs from I/O granularity Commit aa35dd5cbc06 "iomap: fix invalid folio access after folio end read" partially addressed invalid folio access for folios without an ifs attached, b...

CLSA-2026-1775723827 rsync: Fix of CVE-2025-10158

CVE-2025-10158: fix invalid access to files array via negative parentndx...

CVE-2025-71231 crypto: iaa - Fix out-of-bounds index in find_empty_iaa_compression_mode

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...

CLSA-2026-1771239384 kernel: Fix of 75 CVEs

net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 - NFSD: Avoid calling OPDESC with ops-opnum == OPILLEGAL CVE-2023-53680 - scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow CVE-2023-53676 - KVM: x86: use arrayindexnospec with indices that come from...

CLSA-2026-1771081379 kernel: Fix of 76 CVEs

HID: core: ensure the allocated report buffer can contain the reserved report ID CVE-2025-38495 - fs/proc: fix uaf in procreaddirde CVE-2025-40271 - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer CVE-2025-40269 - Bluetooth: ISO: Fix possible UAF on isoconnfree CVE-2025-40141 -...

SUSE CVE-2025-71086

In the Linux kernel, the following vulnerability has been resolved: net: rose: fix invalid array index in rosekillbydevice rosekillbydevice collects sockets into a local array and then iterates over them to disconnect sockets bound to a device being brought down. The loop mistakenly indexes...

UBUNTU-CVE-2023-54223

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix invalid buffer access for legacy rq The below crash can be encountered when using xdpsock in rx mode for legacy rq: the buffer gets released in the XDPREDIRECT path, and then once again in the driver. This fix...

Linux Distros Unpatched Vulnerability : CVE-2025-40228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/sysfs: catch commit test ctx alloc failure Patch series mm/damon/sysfs: fix commit test damonctx deallocation. DAMON sysfs interface dynamically...

CVE-2025-64342

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

CVE-2025-64342

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

EUVD-2025-197854

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

CVE-2025-64342 ESF-IDF's ESP32 Bluetooth Controller Has an Invalid Access Address Vulnerability

ESF-IDF is the Espressif Internet of Things IOT Development Framework. When the ESP32 is in advertising mode, if it receives a connection request containing an invalid Access Address AA of 0x00000000 or 0xFFFFFFFF, advertising may stop unexpectedly. In this case, the controller may incorrectly...

PT-2025-47184

Name of the Vulnerable Software and Affected Versions ESF-IDF versions prior to 5.1.7 ESF-IDF versions prior to 5.2.6 ESF-IDF versions prior to 5.3.5 ESF-IDF versions prior to 5.4.3 ESF-IDF versions prior to 5.5.2 Description ESF-IDF, the Espressif Internet of Things IOT Development Framework, is...

EUVD-2018-17608

Malware in sbrugna...

EUVD-2020-0211

Malware in sbrugna...

EUVD-2025-30863

Malicious code in bioql PyPI...

AZL-67662 CVE-2025-39880 affecting package kernel for versions less than 6.6.112.1-1

In the Linux kernel, the following vulnerability has been resolved: libceph: fix invalid accesses to cephconnectionv1info There is a place where generic code in messenger.c is reading and another place where it is writing to con-v1 union member without checking that the union member is active i.e...