Linux Distros Unpatched Vulnerability : CVE-2026-46289

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/scatterlist: fix length calculations in extractkvectosg Patch series Fix bugs in extractitertosg, v3. Fix bugs in the kvec and user variants of...

CVE-2026-46289 lib/scatterlist: fix length calculations in extract_kvec_to_sg

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

CVE-2026-46289

In the Linux kernel, CVE-2026-46289 concerns bugs in lib/scatterlist during extract_kvec_to_sg when transferring data from a kvec to a sglist. The main issues: (1) the computed length for a sglist entry can exceed the page size, causing overread; (2) while extracting a user buffer, the sglist can...

PT-2026-47361

Name of the Vulnerable Software and Affected Versions Linux kernel versions 6.3 through 6.5 Description Issues exist in the extract kvec to sg function within the scatterlist library. When extracting from a kvec to a scatterlist, the length for an sglist entry can exceed the number of bytes in th...

CLSA-2026-1777641037 kernel-uek: Fix of CVE-2026-31431

crypto: algifaead - Fix minimum RX size check for decryption CVE-2026-31431 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl CVE-2026-31431 - crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec CVE-2026-31431 - crypto: authencesn - Fix src offset when...

Unbreakable Enterprise kernel security update: Copy Fail

5.15.0-319.201.4.4 - crypto: algifaead - Fix minimum RX size check for decryption Herbert Xu Orabug: 39291961 - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl Herbert Xu Orabug: 39291961 - crypto: authencesn - Fix src offset when decrypting in-place Herbert Xu Orabug: 39291961 -...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990189)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990189 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989992)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989992 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987717)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987717 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting t...

DEBIAN-CVE-2023-53026

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix ib block iterator counter overflow When registering a new DMA MR after selecting the best aligned page size for it, we iterate over the given sglist to split each entry to smaller, aligned to the selected page size...

wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()

...

DEBIAN-CVE-2024-56593

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...

AZL-55238 CVE-2024-56593 affecting package kernel for versions less than 5.15.176.3-1

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...

UBUNTU-CVE-2024-56593

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...

CVE-2024-56593 wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...

PT-2024-36900

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A NULL pointer dereference bug in the brcmfmac module occurs when a high 'sd sgentry align' value applies and a lot of queued SKBs are sent from the pkt queue. The problem is the number of...

CVE-2022-48795

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix data TLB miss in sbaunmapsg Rolf Eike Beer reported the following bug: 1274934.746891 Bad Address null pointer deref?: Code=15 Data TLB miss fault at addr 0000004140000018 1274934.746891 CPU: 3 PID: 5549 Comm: cmake N...

SUSE CVE-2016-7156

The pvscsiconvertsglist function in hw/scsi/vmwpvscsi.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service infinite loop and QEMU process crash by leveraging an incorrect cast...

SUSE CVE-2017-5856

Memory leak in the megasashandledcmd function in hw/scsi/megasas.c in QEMU aka Quick Emulator allows local guest OS privileged users to cause a denial of service host memory consumption via MegaRAID Firmware Interface MFI commands with the sglist size set to a value over 2 Gb...

PT-2024-10492 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.15.4-gentoo-parisc64 4 Description: The vulnerability is caused by overrunning the sglist and incorrectly testing sg dma lensglist before nents. Normally, this doesn't cause a crash, but in this case, sglist...