CVE-2026-46114

CVE-2026-46114 affects the Linux kernel RDMA/rxe driver. A remote attacker could exploit zero- or non-8-byte ATOMIC_WRITE payloads by triggering atomic_write_reply() to dereference 8 bytes past the packet boundary, leaking up to 4 bytes of kernel tailroom per probe (plus trailing ICRC). The issue...

CVE-2026-43125 dlm: validate length in dlm_search_rsb_tree

In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlmsearchrsbtree The len parameter in dlmdumprsbname is not validated and comes from network messages. When it exceeds DLMRESNAMEMAXLEN, it can cause out-of-bounds write in dlmsearchrsbtree. Add length...

CVE-2025-68799 caif: fix integer underflow in cffrml_receive()

In the Linux kernel, the following vulnerability has been resolved: caif: fix integer underflow in cffrmlreceive The cffrmlreceive function extracts a length field from the packet header and, when FCS is disabled, subtracts 2 from this length without validating that len = 2. If an attacker sends ...

DEBIAN-CVE-2025-38715

In the Linux kernel, the following vulnerability has been resolved: hfs: fix slab-out-of-bounds in hfsbnoderead This patch introduces isbnodeoffsetvalid method that checks the requested offset value. Also, it introduces checkandcorrectrequestedlength method that checks and correct the requested...