243 matches found
PYSEC-2026-529 Salt vulnerable to directory traversal attack in file receiving method
Directory traversal vulnerability in recvfile method allows arbitrary files to be written to the master cache directory...
Linux Distros Unpatched Vulnerability : CVE-2026-52989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it trigger...
EUVD-2026-38857
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fixed a potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can originate from the user space of the hidraw driver, and is bounded ...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: Net: Fixed the issue where load values were being altered in sk-skstamp during sockrecvcmsgs. KCSAN identified a data race in sockrecvcmsgs, where the read access to sk-skstamp requires a READONCE operation. Bug: KCSAN: Data...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: iouring/net: Do not allow overflowing multishot recv. Do not allow overflowing multishot recv CQs; this could lead to unexpected behavior, degrade performance, and in the worst-case scenario, cause the task to terminate due to...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: btmtksdio: fixed a use-after-free in btmtksdiorecvevent We should no longer access the skb buffer data after the hcirecvframe function is called. 39.634809 BUG: KASAN: use-after-free in btmtksdiorecvevent+0x1b0...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: Introduced smbdirectsocketrecvio.credits.available. The logic for managing recv credits by counting posted recvio and granted credits is flawed. This is because the peer might have already consumed a credit...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: media: rc: gpio-ir-recv: added/removed functions If runtime PM is enabled, perform runtime PM cleanup to remove the cpu latency QoS request. Otherwise, driver removal may result in the following kernel dump: 19.463299 Unable t...
PT-2026-49136
driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle 0x27 SecurityAccess function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a...
EUVD-2026-33717
AI Tensor Engine for ROCm AITER through 0.1.14 contains an unauthenticated remote code execution vulnerability in the MessageQueue.recv function within shmbroadcast.py that allows unauthenticated remote attackers to execute arbitrary code by sending a malicious pickle payload to a ZMQ SUB socket...
CVE-2026-49121
CVE-2026-49121 affects AI Tensor Engine for ROCm (AITER) up to version 0.1.14. The vulnerability exists in the MessageQueue.recv() function in shm_broadcast.py, where an unauthenticated remote attacker can deliver a crafted pickle payload to a ZMQ SUB socket (no authentication, no HMAC, no format...
CVE-2026-45151 NanoMQ: NULL Pointer Dereference
NanoMQ MQTT Broker NanoMQ is an all-around Edge Messaging Platform. In 0.24.8 and earlier, quicstreamrecv can dereference a null substream pointer when a substream is in reopen state. The code finishes the AIO with error but does not return before locking c-mtx...
UBUNTU-CVE-2026-45970
In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of the rlbarprecv function after it is released during the power-off binding interface...
SUSE CVE-2026-43620
Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CFINCRECURSE in compatibility flags and sending a...
Rsync < 3.4.3 Out-of-Bounds Array Read via recv_files()
...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: virtio/vsock: Fixed an uninit-value issue in virtiotransportrecvpkt KMSAN reported the following uninit-value access issues: ===================================================== BUG: KMSAN: uninit-value in...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: smb: client: The use of smbdirectsocketrecvio.credits.available has been corrected. The logic for managing recv credits by counting posted recvio and granted credits is flawed. This is because the peer might have already consumed...
CVE-2026-43620
Rsync version 3.4.2 and prior contain a receiver-side out-of-bounds array read vulnerability in recvfiles in receiver.c that allows a malicious rsync server to crash the rsync client process. Attackers can exploit the vulnerability by setting CFINCRECURSE in compatibility flags and sending a...