194 matches found
CVE-2026-53312
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
CVE-2026-53312
The CVE-2026-53312 issue affects the Linux kernel in the iommu/riscv invalidation path. The root cause is integer overflow when handling sign-extended page tables (ULONG_MAX) that could lead to an infinite loop during invalidation. The patch removes these overflows and relocates the +1 to avoid l...
ALPINE-CVE-2026-56123
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...
EUVD-2026-39455
socat versions 1.8.0.0 through 1.8.1.1 contain a heap-based buffer overflow vulnerability that allows a malicious SOCKS5 proxy server to overwrite adjacent heap memory by exploiting a sign-extension flaw in the DOMAINNAME reply parser. During connection setup, the domain name length byte is read...
CVE-2026-53110 s390/bpf: Zero-extend bpf prog return values and kfunc arguments
In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Zero-extend bpf prog return values and kfunc arguments s390x ABI requires callers to zero-extend unsigned arguments and sign-extend signed arguments, and callees to zero-extend unsigned return values and sign-extend...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extension of kfunc call arguments kfunc calls are native calls, so they should follow LoongArch calling conventions. Sign extension of arguments should be performed properly to avoid kernel panic. This is...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: Squashfs: fixed the handling and sanity checking of the xattrids count A Sysbot 1 that corrupted the filesystem exposed two flaws in the handling and sanity checking of the xattrids count in the filesystem. Both of these flaws...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007221)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007221 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and sign...
ROS-20260122-73-0013
A vulnerability in the DevTools component of the Google Chrome browser is related to an unexpected sign extension. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
SUSE CVE-2025-71129
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...
MiracleLinux 4 : ocaml-3.11.2-5.AXS4 (AXSA:2017-1539:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1539:01 advisory. Objective Caml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package comprises t...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003415)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003415 advisory. The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service memory corruption or possibly have...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002901)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002901 advisory. The checkaluop function in kernel/bpf/verifier.c in the Linux kernel through 4.4 allows local users to cause a denial of service memory corruption or possibly have...
CVE-2025-71129
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...
CVE-2025-71129
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...
UBUNTU-CVE-2025-71129
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...
CVE-2025-71129
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...
CVE-2025-71129
In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...
Linux Distros Unpatched Vulnerability : CVE-2025-71129
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerabilities have been resolved: riscv, bpf: Sign extension for struct ops correctly handles return values. The nsbpfqdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58. Current testprogs pgtable:...