Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the hidreportrawevent function in the HID core that can cause OOB reads and writes when using memset to clea...

PT-2026-36465

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the HID core where the memset function within hid report raw event attempts to clear data by zeroing the area between the end of the incoming data string and the assumed...

CVE-2026-33662 OP-TEE: RSASSA EMSA- PKCS1-v1_5 underflow in emsa_pkcs1_v1_5_encode()

OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...

CVE-2026-31664

The CVE-2026-31664 issue resides in the Linux kernel xfrm subsystem: build_polexpire() fails to clear trailing padding in struct xfrm_user_polexpire, leaving uninitialized heap bytes that are sent to userspace via netlink multicast (XFRMNLGRP_EXPIRE). The consequence is potential leakage of kerne...

CVE-2026-31664 xfrm: clear trailing padding in build_polexpire()

In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in buildpolexpire buildexpire clears the trailing padding bytes of struct xfrmuserexpire after setting the hard field via memsetafter, but the analogous function buildpolexpire does not do this for...

ALPINE-CVE-2026-39314

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, an integer underflow vulnerability in ppdCreateFromIPP cups/ppd-cache.c allows any unprivileged local user to crash the cupsd root process by supplying a negative...

SUSE CVE-2026-23288

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

EUVD-2026-15216

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

UBUNTU-CVE-2026-23288

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

CVE-2026-23288

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

CVE-2026-23288

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

CVE-2026-23288 accel/amdxdna: Fix out-of-bounds memset in command slot handling

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

CVE-2026-23288

The CVE-2026-23288 issue is in the Linux kernel’s accel/amdxdna component. It describes an out-of-bounds write caused by clearing the command header with memset() before validating the remaining space in a command slot, when the slot space is smaller than the header. The root cause is performing ...

CVE-2026-23288

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

CVE-2026-23288 accel/amdxdna: Fix out-of-bounds memset in command slot handling

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix out-of-bounds memset in command slot handling The remaining space in a command slot may be smaller than the size of the command header. Clearing the command header with memset before verifying the available slo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004909)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004909 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memsetio In the function vt8623fbsetpar,...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004902)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004902 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: arkfb: Check the size of screen before memsetio In the function arkfbsetpar, the...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004890)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004890 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the valu...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993000)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993000 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vt8623fb: Check the size of screen before memsetio In the function vt8623fbsetpar,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993185)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993185 advisory. In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of screen before memsetio In the function s3fbsetpar, the valu...