2437 matches found
CVE-2026-57080
Net::BitTorrent versions through 2.0.1 for Perl allow remote memory exhaustion via an uncapped peer-wire message-length prefix. The peer-wire framing in processmessages trusts the 4-byte length prefix sent by a connected peer with no upper bound, while receivedata appends every inbound byte to th...
kernel: RDMA/iwcm: Fix workqueue list corruption by removing work_list
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA Internet Wide Area RDMA Protocol iWARP subsystem. Incorrect work submission logic in the iwcm component can lead to multiple queueing of work items. This allows a work item to be processed and freed while still present in the...
Linux Distros Unpatched Vulnerability : CVE-2026-53187
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to...
RDMA/srp: bound SRP_RSP sense copy by the received length
...
RDMA/umem: Fix truncation for block sizes >= 4G
...
CVE-2026-53223
A flaw was found in the Linux kernel's networking component. This vulnerability allows a remote attacker to potentially access sensitive information or cause system instability. By sending specially crafted network packets, an attacker can exploit an issue in how the kernel handles timestamping f...
CVE-2026-53186
A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA SCSI RDMA Protocol SRP component. A malicious or compromised SRP target on the InfiniBand/RoCE fabric can exploit this vulnerability by sending a specially crafted SRP response with an excessively large data length. This can...
kernel: RDMA/mana: Remove user triggerable WARN_ON() in mana_ib_create_qp_rss()
A flaw was found in the Linux kernel's RDMA/mana component. A local user could trigger a kernel corruption by providing specific configurations through the user Application Programming Interface uAPI that cause an internal error. This issue arises when Work Queues WQs are specified to share the...
UBUNTU-CVE-2026-53133
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...
UBUNTU-CVE-2026-53188
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...
CVE-2026-53186
In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...
CVE-2026-53133
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...
CVE-2026-53133 RDMA/umem: Fix truncation for block sizes >= 4G
In the Linux kernel, the following vulnerability has been resolved: RDMA/umem: Fix truncation for block sizes = 4G When the iommu is used the linearization of the mapping can give a single block that is very large split across multiple SG entries. When rdmablockiternext reassembles the split SG...
CVE-2026-13030
Uninitialized Use in GPU in Google Chrome on Android prior to 149.0.7827.197 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: RDMA/core: Correctly check the presence of LSNLATYPEDGID. The netlink response for RDMANLLSOPIPRESOLVE should always contain an LSNLATYPEDGID attribute; it is invalid if it is missing. Properly use the nl parsing logic and cal...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: The corruption of the workqueue list was fixed by removing the worklist. The commit e1168f0 “RDMA/iwcm: Simplify cmeventhandler” changed the logic for submitting work to call queuework unconditionally. This was done wi...
Astra Linux – Vulnerability in Chromium
A out-of-bounds read in Skia using Google Chrome before version 146.0.7680.153 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fixed a memory leak in the GETDATADIRECTSYSFSPATH handler. The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceed...
Astra Linux – Vulnerability in Chromium
A heap buffer overflow in WebGL in Google Chrome prior to version 146.0.7680.165 allowed a remote attacker to perform an out-of-bounds memory read through a crafted HTML page. Chromium security severity: High...
Astra Linux – Vulnerability in Chromium
Inappropriate implementation in WebGL in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...