628 matches found
CVE-2026-53171
A flaw was found in the Linux kernel's accel/ethosu driver. The dmalength function, responsible for calculating Direct Memory Access DMA region usage, contains several arithmetic issues. These issues, including potential underflows and overflows during calculations, can lead to an under-reporting...
CVE-2026-45195
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: added a sanity check on the previous kernel’s ima kexec buffer. When the second-stage kernel is booted via kexec with a limiting command line such as “mem=”, the physical range that contains the carried over IMA...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fixed a potential out-of-bounds read in iommummioshow. In iommummiowrite, the offset provided by the user is validated using the check: iommu-dbgmmiooffset iommu-mmiophysend - 4. This assumes a 4-byte access. However,...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: selinux: A boundary check has been added in putentry. Just like in nextentry, a boundary check is necessary to prevent memory access that is out of bounds...
Astra Linux – Vulnerability in freerdp2
FreeRDP is a free implementation of the Remote Desktop Protocol. Clients that use versions of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read vulnerabilities. Versions 3.5.0 and 2.11.6 address this issue. As a workaround, use the /gfx or /rfx modes default setting; requires...
Astra Linux – Vulnerability in Linux
A flaw was discovered in the Linux kernel. A use-after-free occurred in the way the console subsystem utilized ioctls KDGKBSENT and KDSKBSENT. A local user could exploit this flaw to gain access to memory beyond its intended scope. The most significant threat posed by this vulnerability is to dat...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fixed access beyond the end of the drmem array The dlparmemoryremovebyindex function may access beyond the bounds of the drmem lmb array when the LMB lookup fails to match an entry with the given DRC index...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: IMA: Verify that the IMA buffer from the previous kernel is within the addressable RAM. Patch series “Address page fault in imarestoremeasurementlist”, version 3. When the second-stage kernel is booted using kexec with a limiting...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: APEI/GHES: ARM processor Error: Do not go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic will fail to deferrence err-sectionlength and ctxinfo-size. Add...
Astra Linux – Vulnerability in Linux
A memory-bound write flaw 1 or 2 bytes of memory was identified in the Linux kernel’s NFS subsystem, related to the way users use mirroring replication of files via NFS. A user with access to the NFS mount could potentially exploit this flaw to crash the system or escalate privileges on the syste...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: The imagetkexecbuffer function does not check whether the ima-kexec-buffer of the previous kernel lies outside the addressable memory range. This can lead to a kernel panic if the new kernel is booted with the mem=X argument, and...
ROS-20260610-73-0010
The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...
ROS-20260609-73-0038
The vulnerability in Thunderbird is related to an operation that goes beyond the buffer boundaries in memory. Exploitation of this vulnerability can be carried out remotely...
ROS-20260609-73-0011
The vulnerability of the ngxhttpcharsetmodule module in NGINX Plus and NGINX Open Source web servers is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and accessibility of the protected...
ROS-20260609-73-0006
The vulnerability of the jpegimageload function in the image loading library GdkPixbuf is related to the situation where the operation exits the buffer boundaries in memory when processing a specially created JPEG image. Exploiting this vulnerability could allow a malicious actor to cause service...
JLSEC-2026-580
In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable isn't reset under certain circumstances. If the relevant memory area happened to be freed and reused in a certain way, a bounds check could fail and memory outside a buffer could be written to, or uninitialized data could be...
ROS-20260608-73-0011
The vulnerability of the .NET software platform is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
Advisory ROSA-SA-2026-3296
CVE-ID: CVE-2020-10809 BDU-ID: 2024-07119 CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in the Decompress function in the decompress.c file. This vulnerability is related to writing beyond the memory bounds. Exploitation of this vulnerability could allow an attacker to cause a service failure...
CVE-2026-46020
CVE-2026-46020 affects the Linux kernel DAMON subsystem. The issue arises from unvalidated damos_quota_goal->nid for node_mem_{used,free}_bp, which is used by si_meminfo_node() and NODE_DATA(), potentially enabling out-of-bounds memory access via DAMON_SYSFS. The provided patch series mm/damon...