85 matches found
EUVD-2026-32812
In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in symlinkdata Since smb2checkmessage returns success without length validation for the symlink error response, in symlinkdata it is possible for iov-iovlen to be smaller than sizeofstruct...
Astra Linux - уязвимость в linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation - security issue
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...
DEBIAN-CVE-2026-31638
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...
CVE-2026-31638
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...
PT-2026-34990
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc input packet on conn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpc try get cal...
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
CVE-2026-32953
Tillitis TKey Client package is a Go package for a TKey client. Versions 1.2.0 and below contain a critical bug in the tkeyclient Go module which causes 1 out of every 256 User Supplied Secrets USS to be silently ignored, producing the same Compound Device Identifier CDI—and thus the same key...
GHSA-4W7R-3222-8H6V Tillitis TKey Client has an Error in Protocol Implementation
Impact Some specific 1 out of 256 User Supplied Secrets USS were not used, making the resulting Compound Device Identifier CDI the same as if no USS was provided. Affected client applications: all client apps using the tkeyclient Go module. Patches Upgrade to v1.3.0. NOTE WELL: For the affected e...
SUSE CVE-2025-68194
In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...
EUVD-2025-203702
In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...
CVE-2025-68194
In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...
UBUNTU-CVE-2025-68194
In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...
CVE-2025-68194 media: imon: make send_packet() more robust
In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...
CVE-2025-68194
CVE-2025-68194 pertains to the Linux kernel USB video driver for the imon remote, where three related issues in usb_rx_callback_intf0 can cause hung tasks. The problems arise from: 1) after a -EPROTO error when ictx->dev_present_intf0 is true, the driver resubmits the URB, causing printk flood...
Linux Distros Unpatched Vulnerability : CVE-2025-68194
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First...
PT-2025-51607
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel's imon driver contains issues that can lead to hung tasks due to indefinitely holding a device lock. Specifically, the usb rx callback intf0 function can repeatedly...
DEBIAN-CVE-2025-40308
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...
EUVD-2019-10116
Malware in sbrugna...