157 matches found
GHSA-GF9R-M956-97QX zebrad has consensus divergence via P2SH sigop undercount in pure-Rust disabled-opcode parser
Am I affected You are affected if: 1. You run any version of zebrad up to and including v4.4.1. 2. Your node validates blocks on mainnet, testnet, or any network where both Zebra and zcashd nodes participate. All default configurations are affected. No feature flags, non-default settings, or...
UBUNTU-CVE-2026-52939
In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...
PT-2026-51732
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the rds ib send cqe handler function when handling masked atomic completions. The rds ib xmit atomic function programs a masked atomic opcode either ...
GHSA-5RPH-Q42J-36J9 Duplicate Advisory: Picklescan has pickle parsing logic flaw that leads to malicious pickle file bypass
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9gvj-pp9x-gcfr. This link is maintained to preserve external references. Original Description picklescan before 0.0.27 contains a parsing logic error in the listglobals function when handling STACKGLOBAL opcodes...
CVE-2026-49190
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
CVE-2026-49190 Missing Per-Instruction Authorization Checks
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
CVE-2026-49190 Missing Per-Instruction Authorization Checks
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
EUVD-2026-34209
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
CVE-2026-49190
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
CVE-2026-49190
Technical details (affected products, vulnerable component, root cause, exploit information) are not provided in the initial document or connected sources. Monitor for updates from official advisories.
PT-2026-46148
The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...
RDMA/rxe: Reject unknown opcodes before ICRC processing
...
CVE-2026-46133
A flaw was found in the Linux kernel's Soft RoCE RDMA/rxe driver. An unauthenticated remote attacker can send a specially crafted UDP packet with an unknown opcode to trigger an out-of-bounds read. This vulnerability can lead to a kernel panic, effectively causing a Denial of Service DoS on the...
CVE-2026-46133 RDMA/rxe: Reject unknown opcodes before ICRC processing
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...
CVE-2026-46133
In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...
CVE-2026-46133
The CVE-2026-46133 issue affects Linux kernel’s Soft RoCE (RDMA/rxe) where an unauthenticated UDP packet with an unknown opcode could trigger an out-of-bounds read during ICRC/CRC processing due to missing validation of opcodes before length arithmetic. The advisory describes that entries in the ...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient ICRC checks when processing unknown opcodes in RDMA rxe, potentially leading to out-of-bou...
Astra Linux – Vulnerability in binutils
GNU Binutils prior to version 2.34 has a vulnerability related to uninitialized heaps in the function tic4xprintcond file opcodes/tic4x-dis.c. This vulnerability could allow attackers to cause an information leak...
kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling
A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...
kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling
A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...