157 matches found
CVE-2026-52958
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...
CVE-2026-52958 libceph: Fix potential out-of-bounds access in osdmap_decode()
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmapdecode When decoding osdstate and osdweight from an incoming osdmap in osdmapdecode, both are decoded for each osd, i.e., map-maxosd times. The cephdecodeneed check only accoun...
EUVD-2026-32237
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...
CVE-2026-45953
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...
UBUNTU-CVE-2026-45953
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...
CVE-2026-45953
CVE-2026-45953 affects the Linux kernel’s MD RAID5 subsystem. The root cause is a missing check in need_this_block() when an llbitmap bit is unwritten in a degraded array, which can cause stripe handling to deadlock and trigger an I/O hang (DoS-like impact). Public sources describe the issue and ...
CVE-2026-45953 md/raid5: fix IO hang with degraded array with llbitmap
In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix IO hang with degraded array with llbitmap When llbitmap bit state is still unwritten, any new write should force rcw, as bitmapops-blockssynced is checked in handlestripedirtying. However, later the same check is...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ksmbd: a out-of-bounds error in initsmb2rsphdr has been fixed. If a client sends a SMB2 negotiate request and then a SMB1 negotiate request, initsmb2rsphdr is called for the SMB1 negotiate request, since needneg is set to false...
EUVD-2026-28562
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...
CVE-2026-43292
In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: prevent RCU stalls in kasanreleasevmallocnode When CONFIGPAGEOWNER is enabled, freeing KASAN shadow pages during vmalloc cleanup triggers expensive stack unwinding that acquires RCU read locks. Processing a large...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: net/smc: fixed an issue where a NULL pointer was dereferenced in smcibissgneedsync BUG: NULL pointer dereferencing in the kernel, address: 00000000000002ec PGD 0 P4D 0 Oops: 0000 1 SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kworker/28...
EUVD-2026-1158
iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have Out-of-bounds Read and Integer Underflow Wrap or Wraparound vulnerabilities in its CIccCalculatorFunc::SequenceNeedTempReset function. This issue is fixed in version 2.3.1....
iccDEV 数字错误漏洞
iccDEV is an open source color configuration code library from the International Color Consortium ICC. A numeric error vulnerability exists in iccDEV version 2.3.1.1 and earlier, which stems from an out-of-bounds read and integer underflow in the CIccCalculatorFunc::SequenceNeedTempReset function...
PT-2026-1433
Name of the Vulnerable Software and Affected Versions iccDEV versions 2.3.1.1 and below Description iccDEV is a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below contain Out-of-bounds Read and Integer Underflow vulnerabilities within the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989811)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989811 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: ttybuffer: Fix the softlockup issue in flushtoldisc When running ltp...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989778)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989778 advisory. In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fsevictinode As Yanming reported in bugzilla:...
EUVD-2004-2091
Malware in sbrugna...
EUVD-2014-5808
Malware in sbrugna...
CVE-2025-39857 net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync()
In the Linux kernel, the following vulnerability has been resolved: net/smc: fix one NULL pointer dereference in smcibissgneedsync BUG: kernel NULL pointer dereference, address: 00000000000002ec PGD 0 P4D 0 Oops: Oops: 0000 1 SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainte...
CVE-2023-53380
CVE-2023-53380 affects the Linux kernel md/raid10 code. A null pointer dereference could occur in raid10_sync_request when a faulty mreplace is set between two checks. The fix merges the two checks into one and replaces the two variables with a single mreplace determination, preventing the race c...