Advisory ROSA-SA-2026-3296

CVE-ID: CVE-2020-10809 BDU-ID: 2024-07119 CVE-Crit: MEDIUM CVE-DESC.: Vulnerability in the Decompress function in the decompress.c file. This vulnerability is related to writing beyond the memory bounds. Exploitation of this vulnerability could allow an attacker to cause a service failure...

CVE-2026-46020

The CVE-2026-46020 issue affects the Linux kernel DAMON subsystem (mm/damon/core). DAMOS quota goals for node_mem_{used,free}_bp accept a node id that is used by si_meminfo_node() and NODE_DATA() without proper validation, enabling a privileged user to trigger an out-of-bounds memory access via D...

CVE-2026-45962

In the Linux kernel ublk subsystem, CVE-2026-45962 describes a vulnerability where ublk_ctrl_cmd_dump() may access (header *)sqe->cmd before validating IO_URING_F_SQE128, risking out-of-bounds memory access. The fix moves the SQE128 flag check earlier in ublk_ctrl_uring_cmd() to immediately re...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Ipados

dyld-signing-oracle-poc A controlled exploration of dyld's pa...

ROS-20260521-73-0002

A vulnerability in the .NET software platform involves reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

ROS-20260521-73-0003

A vulnerability in the .NET software platform involves reading outside the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2026-43442

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring: fix physical SQE bounds check for SQEMIXED 128-byte ops When IORINGSETUPSQEMIXED is...

AMF Improperly Restricts Operations within the Bounds of a Memory Buffer

A vulnerability was identified in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. The attack may be initiated remotely. The exploit is publicly availabl...

CVE-2023-31317

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

CVE-2023-31317

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

CVE-2023-31317

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

CVE-2023-31317

The CVE-2023-31317 issue affects the AMD Secure Processor (ASP). It is described as an improper restriction of operations within the bounds of a memory buffer, which could allow a local attacker to read or write to protected memory and potentially achieve arbitrary code execution. The AMD vulnera...

EUVD-2023-35628

Improper restriction of operations within the bounds of a memory buffer in the AMD secure processer ASP could allow an attacker to read or write to protected memory potentially resulting in arbitrary code execution...

ROS-20260515-73-0025

A vulnerability in the WebAudio component of the Google Chrome and Microsoft Edge browsers involves reading outside of the allowed range in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow due to improper bounds checking in memory operations. An attacker can execute arbitrary code or escalate privileges by supplying crafted input to the affected process. Remediation Upgrade...

SUSE CVE-2026-43240

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...

APEI/GHES: ARM processor Error: don't go past allocated memory

...

Linux Distros Unpatched Vulnerability : CVE-2026-43240

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as mem=,...

EUVD-2026-27799

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...

EUVD-2026-27690

In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in imarestoremeasurementlist", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem="...