CVE-2026-43492
In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...
CVE-2026-43492 lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl()
In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...
CVE-2026-43492
CVE-2026-43492 affects the Linux kernel crypto stack: mpi_read_raw_from_sgl() can underflow when subtracting lzeros from nbytes if an all-zero scatterlist is used, leading to a DoS with soft lockups. The vulnerability is triggered via KEYCTL_PKEY_ENCRYPT paths that create an all-zero scatterlist ...
EUVD-2026-30878
In the Linux kernel, the following vulnerability has been resolved: lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() when subtracting "lzeros" from the unsigned "nbytes". For this to happen, the scatterlist "sgl" needs to occupy...
Linux Distros Unpatched Vulnerability : CVE-2026-43492
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - lib/crypto: mpi: Fix integer underflow in mpi_read_raw_from_sgl() Yiming reports an integer underflow in mpi_read_raw_from_sgl() when subtracting lzeros from the unsigned...
PT-2026-41874
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: An integer underflow exists in the mpi_read_raw_from_sgl function. This occurs when the number of leading zeros in a scatterlist exceeds the nbytes parameter, causing an underflow during...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fixed out-of-bounds reading in afe4404_[read|write]_raw. KASAN reports an out-of-bounds read as follows: BUG: KASAN: Global out-of-bounds access in afe4404_read_raw+0x2ce/0x380. A size 4 byte read was performed at...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990036)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990036 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403_read_raw KASAN report out-of-bounds read as follows:...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986742)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986742 advisory. In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw KASAN report out-of-bounds read as...
CLSA-2025-1746792339 libxml2: Fix of 2 CVEs
CVE-2025-32415: fix heap-based buffer under-read in xmlSchemaIDCFillNodeTables function - CVE-2025-32414: fix out-of-bounds memory access in Python API by correcting return value in xmlPythonFileRead and xmlPythonFileReadRaw...
The vulnerability of the iio component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the iio component in the Linux operating system’s kernel is related to improper validation of input data in the afe4403_read_raw function. Exploiting this vulnerability can allow an attacker to cause service failures...
SUSE CVE-2022-49032
In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4404: Fix oob read in afe4404_[read|write]_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4404_read_raw+0x2ce/0x380 Read of size 4 at addr ffffffffc00e4658 by task cat/278 Call...
DEBIAN-CVE-2022-49031
In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403_read_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4403_read_raw+0x42e/0x4c0 Read of size 4 at addr ffffffffc02ac638 by task cat/279 Call Trace:...
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an out-of-bounds read issue in the afe4404_[read|write]_raw function that could allow an attacker to read...
Rebuild Cross-Site Scripting Vulnerability
Rebuild is a highly customizable enterprise management system. A cross-site scripting vulnerability exists in Rebuild 3.5.5 and earlier versions, which stems from a security issue in the getFileOfData function of filex/read-raw, which can lead to cross-site scripting via the parameter url...
PT-2024-16682 · Rebuild · Rebuild
Name of the Vulnerable Software and Affected Versions: Rebuild versions up to 3.5.5 Description: A vulnerability was found in the function getFileOfData of the file /filex/read-raw. The manipulation of the argument url leads to cross-site scripting. It is possible to launch the attack remotely. T...
SUSE CVE-2004-0133
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device...
PT-2023-33423 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 4.8 through 4.19.267 Description: The issue concerns an out-of-bounds read in the afe4403_read_raw function. This problem was introduced in version v4.8 and is fixed in Linux Kernel version v4.19.268. The actual impact a...