CVE-2026-43495

CVE-2026-43495 concerns the Linux kernel net/wwan/t7xx subsystem. The issue arises in t7xx_port_enum_msg_handler, which uses a modem-provided port_count to loop over port_msg->data[] without ensuring the message buffer is long enough, enabling a potential slab-out-of-bounds read when port_coun...

can: ems_usb: ems_usb_read_bulk_callback(): check the proper length of a message

...

CVE-2026-23307

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: check the proper length of a message When looking at the data in a USB urb, the actuallength is the size of the buffer passed to the driver, not the transferbufferlength which is set by the...

SUSE CVE-2023-54314

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...

CVE-2023-54093

The CVE-2023-54093 issue affects the Linux kernel in the media/anysee driver. Root cause: in anysee_master_xfer, user-controlled msg i entries could lead to a null pointer dereference when msg[i].buf is null and msg[i].len is zero; a length check prevents the crash. The patch adds a guard on msg[...

EUVD-2018-3852

Malware in sbrugna...

EUVD-2019-5318

Malware in sbrugna...

EUVD-2019-7681

Malware in sbrugna...

EUVD-2025-22660

Malicious code in bioql PyPI...

EUVD-2025-26775

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check msgi.len, which could result in a null pointer dereference...

AZL-73923 CVE-2025-38693 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: w7090p: fix null-ptr-deref in w7090ptunerwriteserpar and w7090ptunerreadserpar In w7090ptunerwriteserpar, msg is controlled by user. When msg0.buf is null and msg0.len is zero, former checks on msg0.buf woul...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference due to a failure of the dib7090p tuner to check message length...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that originates from a null pointer dereference due to a failure of the w7090p tuner to check message length...

CVE-2025-38425

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater than the maximum allowed bytes...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check msgi.len resulting in a null pointer dereference...

CVE-2022-49862 tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header

In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg-req tlv len check in tipcnlcompatnametabledumpheader This is a follow-up for commit 974cb0e3e7c9 "tipc: fix uninit-value in tipcnlcompatnametabledump" where it should have type casted sizeof.. to int to work whe...

CVE-2024-56616 drm/dp_mst: Fix MST sideband message body length check

In the Linux kernel, the following vulnerability has been resolved: drm/dpmst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1 byte accounting for the message body CRC aka message data CRC at the end of the message. This fixes a...

Important: linuxptp security update

The linuxptp packages provide Precision Time Protocol PTP implementation for Linux according to IEEE standard 1588 for Linux. The dual design goals are to provide a robust implementation of the standard and to use the most relevant and modern Application Programming Interfaces API offered by the...

CVE-2019-17266

libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer over-read because soupntlmparsechallenge in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy...