Linux Distros Unpatched Vulnerability : CVE-2026-52910

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Free reuseport cBPF prog after RCU grace period. Eulgyu Kim reported the splat below with a repro. 0 The repro sets up a UDP reuseport group with a cBPF pr...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: core: zero-initialize the report buffer. Since the report buffer is used by various drivers in various ways, let’s initialize it to zero during allocation, so that it cannot ever be used to leak kernel memory through special...

EUVD-2026-37938

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

CVE-2026-56099

OpenBSD before commit 6a23123 (2026-06-18) contains an out-of-bounds read in sys/netmpls/mpls_input.c:mpls_do_error, allowing remote disclosure of kernel stack memory by crafting MPLS frames with 16 labels and no Bottom-of-Stack bit. Affected component is the MPLS input handling path; root cause ...

CVE-2026-56099 OpenBSD mpls_do_error Kernel Stack Memory Disclosure via MPLS Input

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2025-40278)

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel- infoleak Fix a KMSAN kernel-infoleak detected by the syzbot . net? KMSAN: kernel-infoleak in skbdatagramiter In tcfifedump, the variable 'opt' was partially...

EUVD-2026-37036

On Xtensa targets with CONFIGUSERSPACE and CONFIGXTENSAMMU, the page-table code arch/xtensa/core/ptables.c maintains a global list, xtensadomainlist, of active memory domains using a list node embedded inside the caller-owned struct kmemdomain. When a domain is destroyed via kmemdomaindeinit -...

CVE-2026-34195 GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...

CVE-2026-34195 GPU DDK - Kernel heap OOB write in PMRChangeSparseMemOSMem due to incorrect physical page translation from virtual page indexes

Software installed and run as a non-privileged user may conduct intentional GPU sparse memory API calls to cause out of bounds write in the kernel. The product incorrectly indexes internal state when performing sparse allocation remapping...

FreeBSD : FreeBSD -- Multiple vulnerabilities in the sound(4) mmap path (253188dd-6473-11f1-958d-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 253188dd-6473-11f1-958d-bc241121aa0a advisory. The sound4 driver contained two memory-safety errors in its mmap2 support. First, dspmmapsingl...

CVE-2026-11604

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

CVE-2026-11604

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

CVE-2026-11604

An incorrect buffer size calculation in the epoch key generator in OpenVPN ovpn-dco-win version 2.0.0 through 2.8.3 allows a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, resulting in a system crash denial of service...

CVE-2026-11604

CVE-2026-11604 concerns OpenVPN ovpn-dco-win, where an incorrect buffer size calculation in the epoch key generator (versions 2.0.0–2.8.3) can be abused by a remote authenticated peer to trigger a heap-based buffer overflow and kernel memory corruption via a crafted data packet, causing a denial ...

CVE-2026-0466

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

SUSE CVE-2026-46322

In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...

OpenVPN ovpn-dco-win 安全漏洞

OpenVPN ovpn-dco-win is a virtual network adapter for Windows developed by OpenVPN. There are security vulnerabilities in versions 2.0.0 to 2.8.3 of OpenVPN ovpn-dco-win. These vulnerabilities stem from errors in buffer size calculations by the epoch key generator, which may allow remotely...

CVE-2026-0466

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

EUVD-2026-35767

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...

CVE-2026-0466

Improper access control in AMD uProf may allow a local attacker with user privileges to write to the kernel-shared memory section, potentially resulting in crash or denial of service...