CVE-2026-46190

A flaw was found in the Linux kernel's Memory Technology Device MTD SPI-NOR debugfs component. An out-of-bounds read vulnerability exists in the spinorparamsshow function due to an incorrect calculation of an array's size. This error allows a local attacker to read memory outside of the intended...

UBUNTU-CVE-2026-45896

In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtdinteldg.c:750:15 index 0 is o...

PT-2026-43763

In the Linux kernel, the following vulnerability has been resolved: mtd: intel-dg: Fix accessing regions before setting nregions The regions array is counted by nregions, but it's set only after accessing it: UBSAN: array-index-out-of-bounds in drivers/mtd/devices/mtd intel dg.c:750:15 index 0 is...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mtd: Fixed NULL pointer dereferencing caused by the ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereferencing when trying to access ‘gluebi-desc’ in gluebiread. The issue arises...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011017)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011017 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011155)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011155 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to...

SUSE CVE-2026-23474

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...

CVE-2026-23474

A flaw was found in the Linux kernel's Memory Technology Device mtd subsystem, specifically within the RedBoot partition table parser. A local user could trigger a buffer overflow when the system attempts to read beyond the allocated buffer size during partition table parsing. This vulnerability...

PT-2026-30168

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIG FORTIFY SOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtin dynamic object size when available" produces the warning below and an oops...

ROS-20260306-73-0004

A vulnerability in the mtd component of the Linux operating system kernel is related to improper resource initialization. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2023-54295 mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type

In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: Fix shift-out-of-bounds in spinorseterasetype spinorseterasetype was used either to set or to mask out an erase type. When we used it to mask out an erase type a shift-out-of-bounds was hit: UBSAN: shift-out-of-boun...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a mtdchar read/write ioctl integer overflow, which could result in a buffer overflow...

EUVD-2023-60067

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check that the direction is...

mtd: core: fix possible resource leak in init_mtd()

...

EUVD-2022-55651

In the Linux kernel, the following vulnerability has been resolved: ima: Fix memory leak in imainodehash Commit f3cc6b25dcc5 "ima: always measure and audit files in policy" lets measurement or audit happen even if the file digest cannot be calculated. As a result, iint-imahash could have been...

CVE-2022-50566 mtd: Fix device name leak when register device failed in add_mtd_device()

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when register device failed: unreferenced object 0xffff888101aab550 size 8: comm "insmod", pid 3922, jiffies 4295277753 age 925.408s hex du...

EUVD-2025-31844

A vulnerability was identified in itsourcecode Leave Management System 1.0. This affects an unknown function of the file /reset.php. Such manipulation of the argument employid leads to sql injection. The attack may be performed from remote. The exploit is publicly available and might be used...

CVE-2023-53541

In CVE-2023-53541, the Linux kernel mtd: rawnand: brcmnand module had a potential out-of-bounds read during oob writes when the oob buffer length isn’t a multiple of word size. The fix adds a length check on the oob buffer read and fills the remainder with 0xff when the end of the buffer is reach...

EUVD-2022-55551

Malicious code in bioql PyPI...

EUVD-2025-31977

Malicious code in bioql PyPI...