
548 matches found

CVE
added 2026/05/08 1:11 p.m. | 15 views

CVE-2026-43288

Summary: CVE-2026-43288 relates to the Linux kernel ext4 filesystem. The root cause is a per-CPU counter accessed before it is initialized during block bitmap validation, which can cause a kernel panic and potential DoS when mounting a specially crafted ext4 filesystem with quota/project options....

CVSS 5.5 | AI score 5.9 | EPSS 0.0013
Exploits: 0 | References: 5 | Affected Software: 1
AstraLinux
added 2026/05/03 11:59 p.m. | 5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip – fixed a mismatch in operations on the sgl_sge_nr variable. KASAN reported this bug as follows: 17619.659757 BUG: KASAN: Global-out-of-bounds condition in param_get_int+0x34/0x60. 17619.673193 A size 4 read was...

AI score 5.1 | EPSS 0.00206
Exploits: 0 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 7 views

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: The jump labels are called before parse_early_param is executed. On 64-bit systems, calling jump_label_init within setup_feature_keys is too late because static keys may be used in subroutines of parse_early_param, which in...

CVSS 5.5 | AI score 5.3 | EPSS 0.00202
Exploits: 0 | References: 2
AstraLinux
added 2026/05/03 11:59 p.m. | 3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: PM: hibernate: Avoid deadlock in hibernate_compressor_param_set. syzbot reported a deadlock in lock_system_sleep (see below). The write operation to "/sys/module/hibernate/parameters/compressor" conflicts with the registration of the...

CVSS 5.5 | AI score 6.1 | EPSS 0.00117
Exploits: 0 | References: 2
NVD
added 2026/05/01 3:16 p.m. | 0 views

CVE-2026-43018

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt. hci_conn lookup and field access must be covered by hdev lock in hci_le_remote_conn_param_req_evt, otherwise it's possible it is freed concurrently. Extend the...

CVSS 8.8 | EPSS 0.00256
Exploits: 0 | References: 6
ATTACKERKB
added 2026/05/01 2:15 p.m. | 0 views

CVE-2026-43018

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in hci_le_remote_conn_param_req_evt. hci_conn lookup and field access must be covered by hdev lock in hci_le_remote_conn_param_req_evt, otherwise it's possible it is freed concurrently. Extend the...

AI score 5.8 | EPSS 0.00256
Exploits: 0 | References: 7 | Affected Software: 1
SUSE CVE
added 2026/04/23 1:26 a.m. | 4 views

SUSE CVE-2026-31459

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure. Patch series "mm/damon/sysfs: fix memory leak and NULL dereference issues", v4. DAMON_SYSFS can leak memory under allocation failure, and do NULL pointer dereferenc...

CVSS 5.5 | AI score 5.6 | EPSS 0.00121
Exploits: 0 | References: 3
Cvelist
added 2026/04/22 1:53 p.m. | 26 views

CVE-2026-31459 mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs: fix param_ctx leak on damon_sysfs_new_test_ctx() failure. Patch series "mm/damon/sysfs: fix memory leak and NULL dereference issues", v4. DAMON_SYSFS can leak memory under allocation failure, and do NULL pointer dereferenc...

EPSS 0.00121
Exploits: 0 | References: 3
Tenable Nessus
added 2026/04/22 12:00 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013535)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013535 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr. KASAN reported this Bug: 17619.659757 BU...

AI score 5.6 | EPSS 0.00206
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/21 12:00 a.m. | 3 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011215 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/zip - fix mismatch in get/set sgl_sge_nr. KASAN reported this Bug: 17619.659757 BU...

AI score 5.8 | EPSS 0.00206
Exploits: 0 | References: 4
EUVD
added 2026/04/20 7:23 p.m. | 1 views

EUVD-2026-23939

NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging Platform. Versions prior to 0.24.11 have a remotely triggerable heap buffer overflow in the uri_param_parse function of NanoMQ's REST API. The vulnerability occurs due to an off-by-one error when allocating memory for query parameter keys an...

CVSS 8.7 | AI score 6 | EPSS 0.00502
Exploits: 1 | References: 3
CNNVD
added 2026/04/19 12:00 a.m. | 6 views

H3C Magic B1 security vulnerability

H3C Magic B1 is a wireless router produced by H3C Corporation in China. The H3C Magic B1 100R004 and earlier versions have security vulnerabilities. These vulnerabilities stem from operations on the parameter "param" within the file /goform/aspForm, which may lead to buffer overflows...

CVSS 9 | AI score 7.6 | EPSS 0.00481
Exploits: 0 | References: 2
CVE
added 2026/04/15 7:25 p.m. | 3 views

CVE-2026-33888

ApostropheCMS (Node.js) before version 4.29.0 is affected by an authorization bypass in the getRestQuery method of the @apostrophecms/piece-type module. An unauthenticated user can add a project query parameter in the REST API request, which is processed by applyBuildersSafely prior to permission...

CVSS 5.3 | AI score 5.7 | EPSS 0.00512
Exploits: 1 | References: 3 | Affected Software: 1
SUSE CVE
added 2026/04/14 11:27 p.m. | 3 views

SUSE CVE-2026-30997

An out-of-bounds read in the read_global_param function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.5 | AI score 5.8 | EPSS 0.00337
Exploits: 1 | References: 3
CNVD
added 2026/04/14 12:00 a.m. | 2 views

FFmpeg read_global_param() function out-of-bounds read vulnerability

FFmpeg is an open source software library for processing multimedia data. An out-of-bounds read vulnerability exists in FFmpeg. The vulnerability stems from a failure of the read_global_param function to properly handle specially crafted input, which can be exploited by an attacker to cause a denia...

CVSS 7.5 | AI score 5.7 | EPSS 0.00337
Exploits: 1
RedhatCVE
added 2026/04/13 8:39 p.m. | 0 views

CVE-2026-30997

A flaw was found in FFmpeg. An attacker can exploit an out-of-bounds read vulnerability within the read_global_param function by providing a specially crafted input. This can lead to a Denial of Service (DoS), making the affected system or application unavailable. Mitigation: For systems processing...

CVSS 7.5 | AI score 5.7 | EPSS 0.00337
Exploits: 1 | References: 5
EUVD
added 2026/04/13 3:31 p.m. | 1 views

EUVD-2026-21972

An out-of-bounds read in the read_global_param function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.5 | AI score 5.8 | EPSS 0.00337
Exploits: 1 | References: 3
NVD
added 2026/04/13 3:17 p.m. | 1 views

CVE-2026-30997

An out-of-bounds read in the read_global_param function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.5 | EPSS 0.00337
Exploits: 1 | References: 2
OSV
added 2026/04/13 3:17 p.m. | 2 views

DEBIAN-CVE-2026-30997

An out-of-bounds read in the read_global_param function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.5 | AI score 5.2 | EPSS 0.00337
Exploits: 1 | References: 1
UbuntuCve
added 2026/04/13 3:17 p.m. | 2 views

CVE-2026-30997

An out-of-bounds read in the read_global_param function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.5 | AI score 5.8 | EPSS 0.00337
Exploits: 1 | References: 3