248 matches found
CVE-2025-71265
CVE-2025-71265 affects the Linux kernel ntfs3 attribute run parsing. A malformed NTFS image could trigger an infinite loop in attr_load_runs_range when an empty run list is claimed but data is expected, due to the code path leaving runs_tree uninitialized (runs NULL) after a successful return fro...
DEBIAN-CVE-2026-23238
In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...
CVE-2026-23238
In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...
UBUNTU-CVE-2026-23238
In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...
CVE-2026-23238
In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...
CVE-2026-23238
CVE-2026-23238 (Linux kernel — romfs): The romfs implementation in the kernel failed to honor the return value of sb_set_blocksize(), continuing a mount when the requested ROMBSIZE (e.g., 4096) was incompatible with the device’s logical_block_size (e.g., 32768). This could occur by using LOOP_SET...
PT-2026-22924
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel has an issue where romfs fill super does not check the return value of sb set blocksize. This can lead to a kernel BUG in folio set bh if a loop device's block size is s...
CVE-2025-71231
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...
CVE-2025-71231
CVE-2025-71231 is addressed by a Linux kernel crypto: iaa fix that prevents an out-of-bounds index in find_empty_iaa_compression_mode and ensures a valid index or -EINVAL is returned. Connected OSV entries show Root patching the issue in rootio-linux for multiple distros (e.g., Root:Ubuntu 24.04,...
CVE-2025-71231
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix out-of-bounds index in findemptyiaacompressionmode The local variable 'i' is initialized with -EINVAL, but the for loop immediately overwrites it and -EINVAL is never returned. If no empty compression mode can b...
SUSE CVE-2026-23194
In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...
CVE-2026-23194
In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...
SUSE CVE-2025-71076
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...
CVE-2025-71076
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...
UBUNTU-CVE-2025-71076
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...
CVE-2025-71076
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...
CVE-2025-71076 drm/xe/oa: Limit num_syncs to prevent oversized allocations
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...
CVE-2025-71076 drm/xe/oa: Limit num_syncs to prevent oversized allocations
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit numsyncs to prevent oversized allocations The OA open parameters did not validate numsyncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. Add check to ensure...
CVE-2025-71076
Technical details for CVE-2025-71076 are not publicly provided in the supplied documents. Monitor for updates for affected products, versions, exploitability, and remediation specifics.
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Treat the remaining value being equal to 0 as an error in findandmapuserpages. Currently, if findandmapuserpages receives a DMA transfer request from the user with a length field set to 0, or in a rare case, when the...