Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: asixmdioread: Fix for uninit-value in asixmdioread. asixreadcmd may read less than sizeofsmsr bytes, and in this case, smsr will be uninitialized. Failure logs: BUG: KMSAN: uninit-value in asixcheckhostenable...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

CVE-2026-31412

A flaw was found in the Linux kernel's USB mass storage gadget module usb-gadget-fmassstorage. A remote attacker, acting as a malicious USB host, could send a specially crafted SCSI READ or WRITE command. This action could trigger an integer overflow during data size calculation, leading to an...

CVE-2026-22998

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

CVE-2026-22998 nvme-tcp: fix NULL pointer dereferences in nvmet_tcp_build_pdu_iovec

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix NULL pointer dereferences in nvmettcpbuildpduiovec Commit efa56305908b "nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length" added ttag bounds checking and dataoffset validation in...

CVE-2025-41729

An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service...

EUVD-2025-198630

An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service...

CVE-2025-41729

CVE-2025-41729 concerns an unauthenticated DoS via a specially crafted Modbus read command. Connected sources identify Janitza UMG 96-PA and Janitza UMG 96-PA-MID+ as affected devices; impact is denial of service on the targeted device. The root cause is enabled by processing a crafted Modbus rea...

CVE-2025-41729 DoS via Modbus Read Command

An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service...

CVE-2025-41729 DoS via Modbus Read Command

An unauthenticated remote attacker can send a specially crafted Modbus read command to the device which leads to a denial of service...

EUVD-2025-4377

Malicious code in bioql PyPI...

CVE-2024-40588

CVE-2024-40588 describes multiple relative path traversal vulnerabilities in Fortinet FortiCamera, FortiMail, FortiNDR, FortiRecorder, and FortiVoice. The issue allows a privileged attacker to read files on the underlying filesystem via crafted CLI requests. Affected versions include FortiCamera ...

CVE-2025-5278

A flaw was found in GNU Coreutils. The sort utility's begfield function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitiv...

CVE-2019-14101

Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

UBUNTU-CVE-2022-49226

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

CVE-2025-0690

The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to...

CVE-2025-0690

GRUB2 contains a heap-based out-of-bounds write triggered by an integer overflow in the read module, allowing corruption of GRUB internals and potential secure-boot bypass. Affected: GRUB2; root cause: read path overflow in buffering logic; impact as stated is high for confidentiality/integrity/a...

kernel: net: asix: add proper error handling of usb read errors

In the Linux kernel, the following vulnerability has been resolved: net: asix: add proper error handling of usb read errors Syzbot once again hit uninit value in asix driver. The problem still the same -- asixreadcmd reads less bytes, than was requested by caller. Since all read requests are...

SUSE CVE-2023-52742

In the Linux kernel, the following vulnerability has been resolved: net: USB: Fix wrong-direction WARNING in plusb.c The syzbot fuzzer detected a bug in the plusb network driver: A zero-length control-OUT transfer was treated as a read instead of a write. In modern kernels this error provokes a...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from usbnetreadcmd reading fewer bytes than requested...