EUVD-2026-27669

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

EUVD-2025-209677

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

CVE-2026-43274

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

CVE-2025-71286

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipccontroldata for bytes controls is: 1 sizeofstruct sofipc4controldata + // kernel only struct 2 sizeofstruct...

CVE-2025-71286

The CVE-2025-71286 issue concerns the Linux kernel’s ALSA SOF ipc4-topology component, where memory allocation for bytes controls was miscalculated. This could allow local memory corruption due to under-allocating space behind scontrol->ipc_control_data; fixes request allocating additional mem...

CVE-2026-43274 mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp_ipc_get_cluster_aggr_irq()

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

CVE-2026-43274

Summary (validated by connected docs): In the Linux kernel, the mailbox subsystem (mchp-ipc-sbi) had an out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() caused by indexing the dynamically allocated cluster_cfg array with hartid (potentially non-contiguous/ out of range). The fix switches t...

CVE-2026-43274

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

PT-2026-37614

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access issue exists in the mchp ipc get cluster aggr irq function. The cluster cfg array, which is dynamically allocated for per-CPU configuration structures based on th...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the mchpipcgetclusteraggrirq function in mchp-ipc-sbi. This function uses a hartid index on a...

PT-2026-37451

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls The size of the data behind of scontrol-ipc control data for bytes controls is: 1 sizeofstruct sof ipc4 control data + // kernel only struct 2 sizeofstruct...

RHCOS 4 : OpenShift Container Platform 4.7.45 (RHSA-2022:0870)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:0870 advisory. - cri-o: pod with access to 'hostIPC' and 'hostNetwork' kernel namespace allows sysctl from the list of safe sysctls to be applied t...

Linux Distros Unpatched Vulnerability : CVE-2026-43274

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration...

LobeHub has a Cross-Site Scripting issue that escalates to Remote Code Execution

Summary The vulnerability was automatically discovered by an ai agent and then manually verified. LobeChat's message rendering mechanism has a stored cross-site scripting XSS vulnerability. Combined with the Electron main process's exposed insecure IPC interface, attackers can construct malicious...

PT-2026-37247

Name of the Vulnerable Software and Affected Versions LobeHub versions prior to 2.1.48 Description A stored cross-site scripting XSS issue exists in the message rendering mechanism. When processing custom tags in the src/features/Portal/Artifacts/Body/Renderer/index.tsx render process, the softwa...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: Platform/x86: Intel: punitipc: fixed memory corruption. This issue addresses the issue where the address of the pointer “&punitipcdev” was passed, whereas the intention was to pass the pointer “punitipcdev” itself without the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevents underflow in sofipc4prioritymaskdfswrite The “id” field comes from the user. The type of this field should be changed to unsigned to prevent an array underflow...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: avoid a NULL dereference with unsupported widgets If an IPC4 topology contains an unsupported widget, its .moduleinfo field will not be set. As a result, sofipc4routesetup will cause a kernel error when attempting to...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipccontroldata via loadbytes We have sanity checks for checking whether the ipccontroldata is freed, and if any of them fail, the locally allocated scontrol-ipccontroldata is...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: ipc: Fixed a memory leak that occurred when msginitns failed during createipcns. Memory allocation using percpu may fail during createipcns. However, this failure is not properly handled, as the ipc sysctls and mq sysctls are...