100 matches found
EUVD-2026-38870
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...
CVE-2026-53002
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...
CVE-2026-53002 netfilter: conntrack: remove sprintf usage
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...
CVE-2026-53002 netfilter: conntrack: remove sprintf usage
In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: remove sprintf usage Replace it with scnprintf, the buffer sizes are expected to be large enough to hold the result, no need for snprintf+overflow check. Increase buffer size in manglecontentlen while at it...
CVE-2026-53002
The CVE-2026-53002 entry documents a vulnerability in the Linux kernel’s netfilter/conntrack code. Root cause: use of sprintf with inadequate buffer handling in mangle_content_len(), leading to a potential stack-out-of-bounds write (KASAN). The fix replaces sprintf with scnprintf and increases th...
PT-2026-51896
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the netfilter conntrack module occurs due to the use of the sprintf function and insufficient buffer sizing within the mangle content len function. This can lead to a...
SUSE CVE-2022-50299
In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf returns the number of characters generated from...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf The current code produces a warning when the total number of characters in the constituent block device names, plus the slashes, exceeds 200. snprintf returns the number of characters generated...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: parport: Proper fix for array out-of-bounds access. The recent fix for array out-of-bounds accesses replaced sprintf calls with snprintf. However, since snprintf returns the size of the data to be printed, not the actual output...
Astra Linux – Vulnerability in Linux 5.10, Linux
In the Linux kernel, the following vulnerabilities have been resolved: iommu/omap: Fixed buffer overflow in debugfs There are two issues here: 1 The “len” variable needs to be checked before the very first write. Otherwise, if omap2iommudumpctx is called with “bytes” less than 32, it will result ...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: PM / devfreq: Fixed buffer overflow in transstatshow. Fixed buffer overflow in transstatshow. Changed the use of simple snprintf to the safer scnprintf, with PAGESIZE as an additional parameter. Added condition checking to see...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. snprintf returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buffer overflow...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021541)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021541 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert...
SUSE CVE-2026-31630
In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...
CVE-2026-31630
In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...
CVE-2026-31630
In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...
CVE-2026-31630
The CVE-2026-31630 issue affects the Linux kernel RXRPC procfs address formatting: AF_RXRPC procfs helpers used fixed 50-byte buffers to render local/remote socket addresses with "%pISpc", which is insufficient for the longest current IPv6-with-port forms (notably ISATAP paths). The root cause is...
CVE-2026-31630
In the Linux kernel, the following vulnerability has been resolved: rxrpc: proc: size address buffers for %pISpc output The AFRXRPC procfs helpers format local and remote socket addresses into fixed 50-byte stack buffers with "%pISpc". That is too small for the longest current-tree IPv6-with-port...
PT-2026-34982
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the AF RXRPC procfs helpers, local and remote socket addresses are formatted into fixed 50-byte stack buffers using the %pISpc formatter. This buffer size is insufficient for the...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006729)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006729 advisory. In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in transstatshow Fix buffer overflow in transstatshow. Convert...