Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: HID: cp2112: prevented a buffer overflow in cp2112xfer Matching warnings: drivers/hid/hid-cp2112.c:793 cp2112xfer error: memcpy 'data-block1' is too small 33 vs 255 drivers/hid/hid-cp2112.c:793 cp2112xfer error: memcpy 'buf' i...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbdirect: verifyremainingdatalength respects maxfragmentedrecvsize This issue is related to the check for dataoffset + datalength...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue reading if the message length passed from the device is ‘0’ or greater than the maximum allowed bytes...

EUVD-2025-210151

A stack overflow in the gfopusreadlength function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

CVE-2025-55660

A stack overflow in the gfopusreadlength function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

PT-2026-49278

Name of the Vulnerable Software and Affected Versions GPAC MP4Box version 2.4 Description A stack overflow occurs in the gf opus read length function within the media tools/av parsers.c file. This issue allows attackers to cause a Denial of Service DoS by providing a specially crafted MP4 file...

CVE-2025-55660

A stack overflow in the gfopusreadlength function mediatools/avparsers.c of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service DoS via supplying a crafted MP4 file...

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: freerdp (UTSA-2026-010673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010673 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is...

freerdp: FreeRDP heap-buffer-overflow

A heap based buffer overflow has been discovered in FreeRDP. This heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory...

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow. bsc1257598 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate ...

SUSE-SU-2026:0419-1 Security update for libsoup2

This update for libsoup2 fixes the following issues: - CVE-2026-1761: Check length of bytes read in soupfilterinputstreamreaduntil to avoid a stack-based buffer overflow. bsc1257598...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004880)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004880 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112xfer Smatch warnings: drivers/hid/hid-cp2112.c:79...

OESA-2026-1052 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

CVE-2025-68819

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: dtv5100: fix out-of-bounds in dtv5100i2cmsg rlen value is a user-controlled value, but dtv5100i2cmsg does not check the size of the rlen value. Therefore, if it is set to a value larger than sizeofst-data, an...

CVE-2025-71093

In the Linux kernel, the following vulnerability has been resolved: e1000: fix OOB in e1000tbishouldaccept In e1000tbishouldaccept we read the last byte of the frame via 'datalength - 1' to evaluate the TBI workaround. If the descriptor- reported length is zero or larger than the actual RX buffer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993156)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993156 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112xfer Smatch warnings: drivers/hid/hid-cp2112.c:79...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992426 advisory. In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112xfer Smatch warnings: drivers/hid/hid-cp2112.c:79...

EUVD-2022-55421

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-38425

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message length passed from the device is '0' or greater th...