269 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Added sanity checks for drmedidraw. When EDID is retrieved via drmedidraw, it does not guarantee that the caller’s desired EDID bytes will be returned. It may either return NULL leading to an error or return byte...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: xfs: Do not wander off the end of a directory data block This fix adds sanity checks for xfsdir2dataunused and xfsdir2dataentry to ensure that the code does not go beyond the valid memory region. Before the patch, the loop simply...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-srv: Avoid null pointer deref during path establishment. For RTRS path establishment, the RTRS client initiates and completes connection establishment. After establishing all its connections, information is exchanged...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Validates the FF offset. This adds sanity checks for the FF offset. There is a check on rt-firstfree at the beginning, but there is also a check when traversing by FF without any validation. If the second FF is a large...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: nilfs2: Fixed a shift-out-of-bounds/overflow issue in nilfssb2badoffset. The patch series “nilfs2: Fix UBSAN shift-out-of-bounds warnings during mount time” addresses this issue. The first patch fixes a bug reported by syzbot,...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: f2fs: fixed to avoid out-of-boundary access in the dnode page. As Jiaming Zhang reported: dumpstack lib/dumpstack.c:94 inline dumpstacklvl+0x1c1/0x2a0 lib/dumpstack.c:120 printaddressdescription mm/kasan/report.c:378 inline...
CVE-2026-48688
FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...
EUVD-2026-31844
FastNetMon Community Edition through 1.2.9 contains multiple out-of-bounds reads in the BGP MPREACHNLRI IPv6 attribute decoder. The function decodempreachipv6 in src/bgpprotocol.cpp contains a TODO comment at line 156 explicitly acknowledging 'we should add sanity checks to avoid reads after...
Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1, linux
In the Linux kernel, the following vulnerability has been resolved: TCP: Add sanity checks to rx zerocopy The purpose of TCP rx zerocopy is to map pages initially allocated by NIC drivers, not pages owned by a file system. This patch adds additional checks to canmapfrag: - The page must not be a...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: x86/entry: Clear X86FEATURESMAP when CONFIGX86SMAP=n Commit: 3c73b81a9164 “x86/entry, selftests: Further improve user entry sanity checks” added a warning if AC is set when in the kernel. Commit: 662a0221893a3d “x86/entry: Fix...
SUSE CVE-2026-43407
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...
EUVD-2026-28713
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...
CVE-2026-43407
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...
UBUNTU-CVE-2026-43407
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...
CVE-2026-43407
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...
CVE-2026-43407
In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a message of type CEPHMSGAUTHREPLY. In cephhandleauthreply, the value of...
CVE-2026-43407
The CVE-2026-43407 issue affects the Linux kernel libceph component, where a CEPH_MSG_AUTH_REPLY with a large payload_len could trigger an integer overflow and out-of-bounds read. The root cause is storing payload_len and related lengths in int, allowing negative values to underflow pointers. The...
Linux Distros Unpatched Vulnerability : CVE-2026-43407
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix potential out-of-bounds access in cephhandleauthreply This patch fixes an out-of-bounds access in cephhandleauthreply that can be triggered by a...
PT-2026-39068
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds access exists in the ceph handle auth reply function within libceph, triggered by a message of type 'CEPH MSG AUTH REPLY'. The issue occurs because the payload len field...
SUSE CVE-2026-43209
In the Linux kernel, the following vulnerability has been resolved: minix: Add required sanity checking to minixchecksuperblock The fs/minix implementation of the minix filesystem does not currently support any other value for slogzonesize than 0. This is also the only value supported in...