27 matches found
SUSE CVE-2026-53194
In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...
PT-2026-52290
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A slab out-of-bounds write exists in the kl5kusb105 USB serial driver. The function klsi 105 prepare write buffer incorrectly handles the bulk-out buffer by storing a two-byte length...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: netfs: Fixed a NULL pointer dereferencing in netfsunbufferedwrite, when a write subrequest is marked as NETFSSREQNEEDRETRY. When the retry path in netfsunbufferedwrite calls stream-preparewrite without checking whether...
EUVD-2026-24762
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...
CVE-2026-31437
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...
CVE-2026-31437 netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...
CVE-2026-31437
The CVE-2026-31437 issue is in the Linux kernel netfs path: when a write subrequest is marked NETFS_SREQ_NEED_RETRY, netfs_unbuffered_write() could dereference stream->prepare_write if it is NULL (not all filesystems, e.g., 9P, set prepare_write). The fixed behavior mirrors write_retry.c: if s...
CVE-2026-31437 netfs: Fix NULL pointer dereference in netfs_unbuffered_write() on retry
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfsunbufferedwrite on retry When a write subrequest is marked NETFSSREQNEEDRETRY, the retry path in netfsunbufferedwrite unconditionally calls stream-preparewrite without checking if it is...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing in the netfsunbufferedwrite retry path. This could lead to a failure...
PT-2026-34342
In the Linux kernel, the following vulnerability has been resolved: netfs: Fix NULL pointer dereference in netfs unbuffered write on retry When a write subrequest is marked NETFS SREQ NEED RETRY, the retry path in netfs unbuffered write unconditionally calls stream-prepare write without checking ...
CVE-2026-25508
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
CVE-2026-25508
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
CVE-2026-25508 ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
CVE-2026-25508 ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
EUVD-2026-5378
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
CVE-2026-25508
ESF-IDF (Espressif IoT Development Framework) has an out-of-bounds read in the BLE ATT Prepare Write handling of the BLE provisioning transport (protocomm_ble). A remote BLE client in provisioning mode can trigger the issue by sending overlapped prepare-write fragments; the system tracks a cumula...
CVE-2026-25508 ESF-IDF Has Memory Safety Vulnerabilities in BLE Provisioning
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6, an out-of-bounds read vulnerability was reported in the BLE ATT Prepare Write handling of the BLE provisioning transport protocommble. The issue can be triggered by a remote B...
PT-2026-6300
Name of the Vulnerable Software and Affected Versions Espressif Internet of Things IOT Development Framework versions 5.1.6 through 5.5.2 Description The Espressif Internet of Things IOT Development Framework ESF-IDF contains a flaw in the BLE ATT Prepare Write handling within the BLE provisionin...
Espressif ESP-IDF 缓冲区错误漏洞
Espressif ESP-IDF is an IoT development framework developed by Espressif, a Chinese company. Versions 5.5.2, 5.4.3, 5.3.4, 5.2.6, and 5.1.6 of Espressif ESP-IDF contain buffer error vulnerabilities. These vulnerabilities stem from issues with out-of-bounds read operations during the BLE ATT Prepa...
CVE-2023-0775
An invalid ‘prepare write request’ command can cause the Bluetooth LE stack to run out of memory and fail to be able to handle subsequent connection requests, resulting in a denial-of-service...