Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: net/smc: fixed a warning in smcrxsplice, when calling getpage The smcloregisterdmb function allocates DMB buffers using kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this...

FreeBSD Security Advisory - FreeBSD-SA-26:26.ktls

FreeBSD Security Advisory - The KTLS receive path decrypted each record in place, assuming that the mbufs holding received data were anonymous and safe to modify. This assumption does not hold for data placed on a socket by sendfile2, which can reference file-backed memory directly through...

UBUNTU-CVE-2026-46301

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind...

EUVD-2026-35122

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vmaflags in vb2dmasgmmap vb2dmacontig sets VMA flags VMDONTEXPAND and VMDONTDUMP and I do not see a reason why vb2dmasg should behave differently. This avoids hitting WARNON!vma-vmflags & VMDONTEXPAND; in...

ROS-20260605-73-0082

The vulnerability in Firefox is related to the execution of operations outside the buffer in memory. The vulnerability can be exploited remotely...

ROS-20260520-73-0059

A vulnerability in the WebCodecs component of Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code or cause a denial of service using a specially crafted HTML page...

ROS-20260515-73-0004

A vulnerability in the Firebird database management system is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

PT-2026-48611

Name of the Vulnerable Software and Affected Versions FreeBSD affected versions not specified Description A local privilege escalation issue exists in FreeBSD kTLS-RX. The flaw allows a local user to overwrite files they have read access to by utilizing in-place AES-GCM decryption over sendfile2...

ROS-20260429-73-0006

A vulnerability in the PostgreSQL database management system's oidvector data type handling function is related to reading beyond memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to expose server memory bytes and gain access to sensitive informat...

ROS-20260429-73-0004

A vulnerability in the PostgreSQL database management system's oidvector data type handling function is related to reading beyond memory buffer boundaries. Exploitation of the vulnerability could allow an attacker acting remotely to expose server memory bytes and gain access to sensitive informat...

ROS-20260327-73-0008

Vulnerability in python-pillow related to writing beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...

CVE-2026-33849

The CVE-2026-33849 entry concerns linkingvision rapidvms with an Improper Restriction of Operations within the Bounds of a Memory Buffer. Affected software: rapidvms (before PR#96). Root cause: operations permitted beyond allocated memory buffer bounds. Impact is high (confidentiality, integrity,...

ROS-20260323-73-0019

A vulnerability in the dmaengine component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability allows an attacker to cause a denial of service...

ROS-20260317-73-0009

A vulnerability in the xdplinearizepage function of the drivers/net/virtionet.c module of the Linux operating systems kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2025-47398

Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers...

ROS-20251217-7302

A vulnerability in the WebGPU component of the Google Chrome browser is related to reading beyond buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code and cause a denial of service...

AzeoTech DAQFactory Out-of-Bounds Read Vulnerability

AzeoTech DAQFactory is a data acquisition and monitoring software developed by AzeoTech, Inc. and commonly used in industrial automation. AzeoTech DAQFactory suffers from an out-of-bounds read vulnerability that originates from out-of-bounds reading of memory buffer data, which can be exploited b...

CVE-2025-58410

Software installed and run as a non-privileged user may conduct improper GPU system calls to gain write permissions to memory buffers exported as read-only. This is caused by improper handling of the memory protections for the buffer resource...

EUVD-2025-35068

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix warning in smcrxsplice when calling getpage smcloregisterdmb allocates DMB buffers with kzalloc, which are later passed to getpage in smcrxsplice. Since kmalloc memory is not page-backed, this triggers WARNONONCE in...

EUVD-2002-1185

Malware in sbrugna...