142 matches found
CVE-2026-46133
A flaw was found in the Linux kernel's Soft RoCE RDMA/rxe driver. An unauthenticated remote attacker can send a specially crafted UDP packet with an unknown opcode to trigger an out-of-bounds read. This vulnerability can lead to a kernel panic, effectively causing a Denial of Service (DoS) on the...
CVE-2026-46133
The CVE-2026-46133 issue affects Linux kernel’s Soft RoCE (RDMA/rxe) where an unauthenticated UDP packet with an unknown opcode could trigger an out-of-bounds read during ICRC/CRC processing due to missing validation of opcodes before length arithmetic. The advisory describes that entries in the ...
CVE-2026-46133
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing. Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payload_size in rxe_rcv", a single unauthenticated UDP packet can still trigger panic. That pat...
Linux kernel security vulnerability
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient ICRC checks when processing unknown opcodes in RDMA rxe, potentially leading to out-of-bou...
Astra Linux - vulnerability in binutils
GNU Binutils prior to version 2.34 has a vulnerability related to uninitialized heaps in the function tic4x_print_cond, file opcodes/tic4x-dis.c. This vulnerability could allow attackers to cause an information leak...
Astra Linux - vulnerability in linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: hci: fixed a null-ptr-deref in hci_read_supported_codecs. Fixed __hci_cmd_sync_sk to return NOT NULL for unknown opcodes. __hci_cmd_sync_sk returns NULL if a command returns a status event. However, it also returns NULL where an...
kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling
A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface (HCI) event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...
PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files
Summary: A vulnerability in PyTorch's weights_only unpickler allows an attacker to craft a malicious checkpoint file (.pth) that, when loaded with torch.load(..., weights_only=True), can corrupt memory and potentially lead to arbitrary code execution. Vulnerability Details: The weights_only=True unpickler...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002999)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002999 advisory. A missing address check in the callers of show_opcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003132)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003132 advisory. A missing address check in the callers of show_opcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the...
MiracleLinux 3 : freetype-2.2.1-26.0.1.AXS3 (AXSA:2010-423:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2010-423:02 advisory. The FreeType engine is a free and portable TrueType font rendering engine, developed to provide TrueType support for a variety of platforms and environments...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001371)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001371 advisory. A missing address check in the callers of show_opcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the...
CVE-2025-48622
In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48622
CVE-2025-48622 affects the Android/OpenCV-related code path in the dng_misc_opcodes.cpp file, within the ProcessArea, where a buffer overflow can cause an out-of-bounds read. This leads to local information disclosure without requiring user interaction or elevated privileges. The available connec...
ASB-A-412662901
In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...
PT-2025-43499
Name of the Vulnerable Software and Affected Versions: Android (affected versions not specified). Description: An issue exists in Android related to insufficient protection of service data. Exploitation may allow an attacker to disclose protected information. A potential out-of-bounds read due to a...