381 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-55958
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an erro...
Linux Distros Unpatched Vulnerability : CVE-2026-53030
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers...
CVE-2026-53030
A flaw was found in the Linux kernel, specifically within the i3c master renesas driver. This vulnerability is caused by a memory leak in the renesasi3ci3cxfers function, where an allocated xfer structure is not properly freed. An attacker could potentially exploit this to cause a denial of servi...
CVE-2026-55958
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
DEBIAN-CVE-2026-55958
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
UBUNTU-CVE-2026-55958
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
EUVD-2026-39546
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
CVE-2026-55958
The CVE-2026-55958 issue is a buffer overrun in Renesas TSIP TLS 1.3 transcript handling. In tsip_StoreMessage(), a capacity check for the fixed MSGBAG_SIZE (8 KB) sets an error but does not return, allowing an XMEMCPY to overwrite past the end once the TLS handshake transcript exceeds MSGBAGE_SI...
CVE-2026-55958
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
CVE-2026-55958
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
CVE-2026-55958 Renesas TSIP TLS 1.3 transcript buffer out-of-bounds write in tsip_StoreMessage
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
CVE-2026-55958
Out-of-bounds write in the Renesas TSIP TLS 1.3 transcript buffer. In tsipStoreMessage the capacity check guarding the fixed message bag MSGBAGSIZE sets an error code but fails to return, so execution falls through to an XMEMCPY that writes past the end of the buffer once the accumulated TLS 1.3...
PT-2026-52571
Name of the Vulnerable Software and Affected Versions wolfSSL affected versions not specified Description An out-of-bounds write exists in the Renesas TSIP TLS 1.3 transcript buffer. In the tsip StoreMessage function, a capacity check for the fixed message bag MSGBAG SIZE sets an error code but...
EUVD-2026-38898
In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...
CVE-2026-53030
In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...
CVE-2026-53030
CVE-2026-53030 : In the Linux kernel, the i3c master Renesas driver suffers a memory leak in the renesas_i3c_i3c_xfers() path. The xfer structure allocated by renesas_i3c_alloc_xfer() wasn’t freed, leading to potential denial of service via memory exhaustion. The fix applies by using the __free(k...
CVE-2026-53030 i3c: master: renesas: Fix memory leak in renesas_i3c_i3c_xfers()
In the Linux kernel, the following vulnerability has been resolved: i3c: master: renesas: Fix memory leak in renesasi3ci3cxfers The xfer structure allocated by renesasi3callocxfer was never freed in the renesasi3ci3cxfers function. Use the freekfree cleanup attribute to automatically free the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: usb: renesasusbhs: Fixed synchronous external abort when unbind is executed. A synchronous external abort occurs on the Renesas RZ/G3S SoC if unbind is executed after the configuration sequence described above: bash modprobe...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: i2c: riic: Moving suspend handling to NOIRQ phase Commit 53326135d0e0 “i2c: riic: Adding suspend/resume support” added suspend support for the Renesas I2C driver. Following this change, on RZ/G3E, the following warning appears...
PT-2026-51924
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Renesas I3C master driver. The xfer structure allocated by the renesas i3c alloc xfer function is not properly freed within the renesas i3c i3c xfers function...