CVE-2026-45994

In the Linux kernel, the ibmasm component is affected by CVE-2026-45994. The vulnerability occurs in command_file_write: it allocates a kernel buffer of exactly count bytes and copies user data into it without validating against the dot command protocol before calling get_dot_command_size() and g...

CVE-2026-43129 ima: verify the previous kernel's IMA buffer lies in addressable RAM

In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in imarestoremeasurementlist", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem="...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005092)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005092 advisory. In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bnatcb and bnaccb structures To have enough space to write all...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002245)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002245 advisory. Buffer overflow in the ozcdevwrite function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003521)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003521 advisory. In the function wmisetie, the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ielen' argument can cause...

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register...

CVE-2025-68747 drm/panthor: Fix UAF on kernel BO VA nodes

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should be blocked too, so no...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38559)

scsi: qedf: Ensure the copied buf is NUL terminated Currently, we allocate a count-sized kernel buffer and copy count from userspace to that buffer. Later, we use kstrtouint on this buffer but we don't ensure that the string is terminated inside the buffer, this can lead to OOB read when using...

Siemens SIMATIC Devices Improper Input Validation (CVE-2024-38560)

scsi: bfa: Ensure the copied buf is NUL terminated Currently, we allocate a nbytes-sized kernel buffer and copy nbytes from userspace to that buffer. Later, we use sscanf on this buffer but we don't ensure that the string is terminated inside the buffer, this can lead to OOB read when using sscan...

EUVD-2019-6791

Malware in sbrugna...

EUVD-2014-9740

Malware in sbrugna...

EUVD-2017-7277

Malware in sbrugna...

EUVD-2021-7432

Malicious code in bioql PyPI...

EUVD-2023-47931

Malicious code in bioql PyPI...

CVE-2025-39836

In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setupmmhdr is later on passed to teeshmregisterkernelbuf. The latter expects those buffers to be contiguous pages, but setupmmhdr just uses...

CVE-2025-39836 efi: stmm: Fix incorrect buffer allocation method

In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setupmmhdr is later on passed to teeshmregisterkernelbuf. The latter expects those buffers to be contiguous pages, but setupmmhdr just uses...

CVE-2025-39836 efi: stmm: Fix incorrect buffer allocation method

In the Linux kernel, the following vulnerability has been resolved: efi: stmm: Fix incorrect buffer allocation method The communication buffer allocated by setupmmhdr is later on passed to teeshmregisterkernelbuf. The latter expects those buffers to be contiguous pages, but setupmmhdr just uses...

CVE-2025-39836

CVE-2025-39836 is a Linux kernel issue described as resolved: the EFI stmm path allocated a communication buffer with kmalloc(), while the consumer expects contiguous pages, risking corruptions/BUGs. The fix switches from kmalloc() to alloc_pages_exact() in setup_mm_hdr() so buffers passed to tee...

RockyLinux 8 : kernel-rt (RLSA-2025:11299)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:11299 advisory. kernel: cifs: potential buffer overflow in handling symlinks CVE-2022-49058 kernel: media: uvcvideo: Remove dangling pointers CVE-2024-58002 kernel:...

CVE-2025-38481 comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large

In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct comediinsn, getting the length from the ninsns member of the struct...