Astra Linux - уязвимость в linux

A flaw was discovered in the Linux kernel in versions prior to 5.9-rc6. When changing the screen size, an out-of-bounds memory write can occur, leading to memory corruption or a denial of service. Due to the nature of the flaw, privilege escalation cannot be completely ruled out...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: net: sfc: add missing xdp queue reinitialization After rx/tx ring buffer size is changed, kernel panic occurs when it acts XDPTX or XDPREDIRECT. When tx/rx ring buffer size is changedethtool -G, sfc driver reallocates and...

Pixarra TwistedBrush Pro Studio 缓冲区错误漏洞

Pixarra TwistedBrush Pro Studio is a digital painting software developed by the American company Pixarra. Version 24.06 of Pixarra TwistedBrush Pro Studio has a buffer overflow vulnerability. This vulnerability arises from the excessive length of the buffer entered during the image size adjustmen...

CVE-2026-23181

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...

CVE-2026-23181

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...

CVE-2026-23181

In CVE-2026-23181, the Linux kernel btrfs read path can trigger inconsistent folio ordering when a block size change via BLKBSZSET occurs after folio allocation during read cache operations, leading to a VM_BUG_ON_FOLIO assertion and a null pointer dereference in create_empty_buffers. The documen...

Linux Distros Unpatched Vulnerability : CVE-2026-23181

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the...

kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters, leading to an out ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004087)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004087 advisory. A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of- bounds memory write can occur leading to memory corruption or ...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000371)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000371 advisory. A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-of- bounds memory write can occur leading to memory corruption or ...

PT-2026-8189

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's btrfs file system related to block size synchronization during mount operations. Specifically, when a btrfs file system is mounted, the block device m...

kernel: sched: sch_cake: add bounds checks to host bulk flow fairness counts

In the Linux kernel, the following vulnerability has been resolved: sched: schcake: add bounds checks to host bulk flow fairness counts Even though we fixed a logic error in the commit cited below, syzbot still managed to trigger an underflow of the per-host bulk flow counters, leading to an out ...

kernel: PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989817)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989817 advisory. In the Linux kernel, the following vulnerability has been resolved: dmaengine: zynqmpdma: In struct zynqmpdmachan fix descsize data type In...

CVE-2025-64118 node-tar vulnerable to race condition leading to uninitialized memory exposure

node-tar is a Tar for Node.js. In 7.5.1, using .t aka .list with sync: true to read tar entry contents returns uninitialized memory contents if tar file was changed on disk to a smaller size while being read. This vulnerability is fixed in 7.5.2...

CVE-2025-38226

In the Linux kernel, the following vulnerability has been resolved: media: vivid: Change the siize of the composing syzkaller found a bug: BUG: KASAN: vmalloc-out-of-bounds in tpgfillplanepattern drivers/media/common/v4l2-tpg/v4l2-tpg-core.c:2608 inline BUG: KASAN: vmalloc-out-of-bounds in...

CVE-2025-21468

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer...

CVE-2025-21468 Out-of-bounds Write in Computer Vision

Memory corruption while reading response from FW, when buffer size is changed by FW while driver is using this size to write null character at the end of buffer...

UBUNTU-CVE-2024-58006

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...

CVE-2024-58006 PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar()

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pciepcsetbar In commit 4284c88fff0e "PCI: designware-ep: Allow pciepcsetbar update inbound map address" setbar was modified to support dynamically changing the backing physical...