CVE-2026-46070

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...

EUVD-2026-32452

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...

CVE-2019-2332

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,...

PT-2025-47405

Name of the Vulnerable Software and Affected Versions joserfc versions 1.3.3 through 1.3.4 joserfc versions 1.4.0 through 1.4.1 Description The joserfc library has an issue where excessively large JWT JSON Web Token payloads can be logged, potentially leading to resource exhaustion. Specifically,...

ksmbd: transport_ipc: validate payload size before reading handle

...

EUVD-2025-36664

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

CVE-2025-40084

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

CVE-2025-40084 ksmbd: transport_ipc: validate payload size before reading handle

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

CVE-2025-40084

CVE-2025-40084 affects the Linux kernel’s ksmbd transport_ipc path. The flaw arises when handle_response() reads a 4-byte handle from the payload without verifying that the declared payload size is at least 4 bytes, allowing a malformed or truncated ksmbd.mountd message to cause a read past the p...

Linux Distros Unpatched Vulnerability : CVE-2025-40084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared...

EUVD-2019-2430

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2024-38381

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncirxwork syzbot reported the following uninit-value access...

CVE-2024-26811

CVE-2024-26811 affects the Linux kernel ksmbd component. Root cause: ksmbd.mountd can return an invalid IPC response if malicious ksmbd-tools are installed, allowing memory overrun/slab-out-of-bounds due to missing validation of IPC payload size. The patch adds validation for three IPC responses ...

PT-2024-22346 · Eprosima +1 · Eprosima Fast Dds +1

Name of the Vulnerable Software and Affected Versions: eprosima Fast DDS versions prior to 2.14.0 eprosima Fast DDS versions prior to 2.13.4 eprosima Fast DDS versions prior to 2.12.3 eprosima Fast DDS versions prior to 2.10.4 eprosima Fast DDS versions prior to 2.6.8 Description: The issue is...