16780 matches found
CVE-2026-53205 accel/ivpu: Add bounds checks for firmware log indices
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...
EUVD-2026-39264
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate() The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered (bit 14 set), but does not re-check the loop bou...
CVE-2026-53173 accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate()
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate() The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered (bit 14 set), but does not re-check the loop bou...
EUVD-2026-39260
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPU_OP_RESIZE commands from userspace NPU_OP_RESIZE is a U85-only command that the driver does not yet implement. The existing WARN_ON(1) placeholder fires unconditionally whenever userspace submits this command via...
CVE-2026-53169
The CVE affects the Linux kernel driver path accel/ethosu and specifically rejects NPU_OP_RESIZE commands from userspace. The root cause is a placeholder WARN_ON(1) that fires for DRM_IOCTL_ETHOSU_GEM_CREATE, allowing unbounded kernel log spam and, if panic_on_warn is set, a potential denial-of-s...
EUVD-2026-39259
In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPEN_CACHE_DIR, the pagecache is used...
CVE-2026-53168
In CVE-2026-53168, the Linux kernel vulnerability concerns FUSE pagecache operations. Specifically, the FUSE_NOTIFY_STORE and FUSE_NOTIFY_RETRIEVE handlers could allow a FUSE daemon to access pagecache contents for directories using FOPEN_CACHE_DIR. The issue is mitigated by rejecting these opera...
BIT-PYTHON-MIN-2026-9669 bz2.BZ2Decompressor reuse after error can cause a stack buffer overflow
bz2.BZ2Decompressor objects could be reused after a decompression error. If an application caught the resulting OSError and retried with the same decompressor, crafted input could cause the decompressor to resume from an invalid internal state and perform out-of-bounds writes to a stack buffer...
net/url: Incorrect parsing of IPv6 host literals in net/url
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid...
Linux Distros Unpatched Vulnerability : CVE-2026-53039
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: validate group add input before caching BUG OCFS2_IOC_GROUP_ADD can trigger a BUG_ON in ocfs2_set_new_buffer_uptodate(): kernel BUG at fs/ocfs2/uptodate.c:509! Oop...
PT-2026-52448
Name of the Vulnerable Software and Affected Versions: Nokogiri versions prior to 1.19.4. Description: In the CRuby libxml2 implementation, calling the Document#encoding= method with an invalid encoding, such as a non-string or a string containing a null byte, triggers an exception. This process occu...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/xe/oa: Limit num_syncs to prevent oversized allocations. The OA open parameters did not validate num_syncs, allowing userspace to pass arbitrarily large values, potentially leading to excessive allocations. A check was added to...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: irqchip/mchp-eic: The error code in mchp_eic_domain_alloc() has been fixed. If irq_domain_translate_twocell() sets “hwirq” to >= MCHP_EIC_NIRQ (2), it may lead to an out-of-bounds access. The code checks for invalid values, but does not set the...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: Tracing: The WARN_ON message in tracing_buffers_mmap_close() has been fixed for split VMA instances. When a VMA is split (e.g., through partial munmap or MAP_FIXED), the kernel calls vm_ops->close on each portion of the VMA. For trace buffe...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: crypto: iaa – Fixed an out-of-bounds index issue in find_empty_iaa_compression_mode(). The local variable ‘i’ is initialized with -EINVAL, but the for loop immediately overwrites it, and -EINVAL is never returned. If no empty...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: bpf: Fixed an invalid prog->stats access when update_effective_progs() fails. The issue occurs due to a fault-injected code sequence in update_effective_progs(). The problem can be described as follows: __cgroup_bpf_detach...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed a reference count leak when an invalid session is found during session lookup. When a session is found, but its state is not SMB2_SESSION_VALID, it indicates that no valid session was found. However, the reference coun...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: drm/buddy: This issue is prevented by validating the rounded allocation size. When DRM_BUDDY_CONTIGUOUS_ALLOCATION is set, the requested size is rounded up to the next power of two using roundup_pow_of_two(). Similarly, for non-contiguou...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents infinite loops that occur when the next valid value is the same. When processing the valid field within the range valid : pos, if the valid value cannot be retrieved correctly—for example, if the...