CVE-2026-33662

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fixed an out-of-bounds memset issue in command slot handling. The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header using memset before verifying the...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerabilities have been resolved: misc/vmwvmci: fixed an infoleak in vmcihostdoreceivedatagram The struct vmcieventqp allocated by qpnotifypeer contains padding, which may carry uninitialized data to the user space, as observed by KMSAN. BUG: KMSAN:...

Astra Linux - уязвимость в ffmpeg

The decodeframe function in libavcodec/exr.c in FFmpeg 4.3.1 has a buffer overflow due to errors in calculating when to perform memset zero operations...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the video:fbdev:arkfb function, the value of screensize is calculated based on user input. If the user provides an incorrect value, the value of screensize may be larger than info-screensize, which may lead to the following bu...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: re-fix fortified-memset warning The carl9170txrelease function sometimes triggers a fortified-memset warning in my build configurations. This issue occurs in the following file: include/linux/string.h:254, and in...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: In the fbdev: s3fb module, the value of screensize is calculated based on user input. If an improper value is provided by the user, the value of screensize may be larger than info-screensize, which may lead to the following bug:...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: sched: actife: initialize struct tcife to fix KMSAN kernel-infoleak. A KMSAN kernel-infoleak was detected by the syzbot. net? KMSAN: kernel-infoleak in skbdatagramiter. In tcfifedump, the variable ‘opt’ was partially...

Astra Linux - уязвимость в u-boot

The U-Boot versions from 2016.09 to 2019.07-rc4 can memset too much data while reading a crafted ext4 filesystem. This results in a stack buffer overflow, potentially leading to code execution...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxdsprproc: Custom memory copy implementations have been added for i.MX DSP cores. The IRAM is part of the HiFi DSP. According to the hardware specifications, only 32-bit writes are allowed; otherwise, a Kernel panic...

SUSE CVE-2026-43048

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

Astra Linux - уязвимость в mariadb-10.3

It was discovered that MariaDB v10.7 contains a use-after-poison issue in the interceptormemset function located at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...

Linux Distros Unpatched Vulnerability : CVE-2026-43048

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area...

CVE-2026-43048

A flaw was found in the Linux kernel's Human Interface Device HID core. An incorrect memset operation within the hidreportrawevent function can lead to out-of-bounds OOB reads and writes. This vulnerability occurs when the incoming event buffer size is insufficient to fill the associated report,...

CVE-2026-43048

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

CVE-2026-43048

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

EUVD-2026-26647

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

CVE-2026-43048

The CVE concerns the Linux kernel HID core. The issue arises in hid_report_raw_event() where a memset() intended to clear bogus data can trigger out-of-bounds reads/writes when the incoming event buffer is not large enough for the report. The fix removes the problematic memset() and instead retur...

CVE-2026-43048 HID: core: Mitigate potential OOB by removing bogus memset()

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...

CVE-2026-43048

In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset The memset in hidreportrawevent has the good intention of clearing out bogus data by zeroing the area from the end of the incoming data string to the assumed end of the...