333 matches found
SUSE-SU-2026:2722-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3registerwor...
SUSE-SU-2026:22436-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...
SUSE-SU-2026:22460-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak. This issue was fixed by using the syzbot tool to detect and address the KMSAN kernel-infoleak. In tcfifedump, the variable ‘opt’ was partially initialized...
PT-2026-52024
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An unsigned underflow occurs in the omfs make empty function when processing a crafted filesystem image. The omfs fill super function fails to reject s sys blocksize values smaller than...
Oj - Stack Buffer Overflow in Oj.dump via Large Indent
Summary Oj.dump is vulnerable to a stack-based buffer overflow when a large :indent value is provided by the developer. fillindent in dump.h calls memsetindentstr, ' ', sizetopts-indent without validating the size. When opts-indent is set to INTMAX 2,147,483,647, the sizet cast preserves the larg...
CVE-2026-33662
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...
Astra Linux - уязвимость в u-boot
The U-Boot versions from 2016.09 to 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem. This results in a stack buffer overflow, potentially leading to code execution...
Astra Linux – Vulnerability in ffmpeg
The decodeframe function in libavcodec/exr.c in FFmpeg 4.3.1 has a buffer overflow due to errors in calculating when to perform memset zero operations...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: A custom memory copy implementation was added for i.MX DSP cores. The IRAM is part of the HiFi DSP. According to the hardware specifications, only 32-bit writes are allowed; otherwise, a Kernel panic will...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed an out-of-bounds memset issue in command slot handling. The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header using memset before verifying the...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: In the video: fbdev: arkfb function, the value of screensize is calculated based on user input. If the user provides an incorrect value, the value of screensize may be larger than info-screensize, which may lead to the following...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: misc/vmwvmci: fixed an infoleak in vmcihostdoreceivedatagram The struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the user space, as observed by KMSAN: BUG: KMSAN:...
Astra Linux – Vulnerability in Mariadb 10.3
It was discovered that MariaDB v10.7 contains a use-after-poison issue in the interceptormemset function located at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of the screen before memsetio In the function s3fbsetpar, the value of ‘screensize’ is calculated based on user input. If the user provides an incorrect value, the value of ‘screensize’ may be...
SUSE CVE-2026-43048
In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...
Linux Distros Unpatched Vulnerability : CVE-2026-43048
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area...
CVE-2026-43048
A flaw was found in the Linux kernel's Human Interface Device HID core. An incorrect memset operation within the hidreportrawevent function can lead to out-of-bounds OOB reads and writes. This vulnerability occurs when the incoming event buffer size is insufficient to fill the associated report,...
CVE-2026-43048
In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...
CVE-2026-43048 HID: core: Mitigate potential OOB by removing bogus memset()
In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...