1069 matches found
CVE-2026-10652
Zephyr's DNS resolver subsys/net/lib/dns parses resource records from DNS responses in dnsunpackanswer, which validated only the fixed RR header type, class, TTL, rdlength and accepted any attacker-declared rdlength, including one extending past the end of the received datagram. The TXT and SRV...
DEBIAN-CVE-2026-13523
A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/baseencoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been made available to the...
CVE-2026-13523
GPAC (up to 26.02.0) is affected in the ISOBMFF Parser component, specifically the file src/utils/base_encoding.c. A manipulation can lead to data amplification, with local access required. The issue has a publicly available exploit and a remediation patch has been released. Vendor-provided fix a...
JLSEC-2026-644 When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run...
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...
EUVD-2026-39297
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...
CVE-2026-53173 accel/ethosu: fix OOB write in ethosu_gem_cmdstream_copy_and_validate()
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...
Linux Distros Unpatched Vulnerability : CVE-2026-53004
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sctp: fix OOB write to userspace in sctpgetsockoptpeerauthchunks sctpgetsockoptpeerauthchunks checks that the caller's optval buffer is large enough for the pee...
Linux Distros Unpatched Vulnerability : CVE-2026-52956
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libceph: Fix potential out-of-bounds access in cephxdecrypt In cephxdecrypt, a part of the buffer p is interpreted as a cephxencryptheader, and the magic field ...
EUVD-2026-38936
In the Linux kernel, the following vulnerability has been resolved: drm/komeda: fix integer overflow in AFBC framebuffer size check The AFBC framebuffer size validation calculates the minimum required buffer size by adding the AFBC payload size to the framebuffer offset. This addition is performe...
CVE-2026-53068
CVE-2026-53068 (Linux kernel, drm/komeda AFBC size check) Root cause: integer overflow in the calculation of the minimum required framebuffer size (AFBC payload size + framebuffer offset) during validation, allowing a malformed, undersized drm_gem_object to slip through. Impact: potential out-of-...
CVE-2026-52934
In the Linux kernel, the following vulnerability has been resolved: batman-adv: tvlv: reject oversized TVLV packets batadvtvlvcontainerogmappend builds a TVLV packet section from the tvlv.containerlist. The total size of this section is computed by batadvtvlvcontainerlistsize, which sums the size...
CVE-2026-3195
A flaw was found in QEMU. When reading input audio in the virtio-snd device input callback, the virtiosndpcmincb function did not check whether the iov could fit the data buffer, potentially leading to a heap out-of-bounds write. This issue exists due to an incomplete fix for CVE-2024-7730...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A shift-out-of-bounds condition has been fixed due to an overly large exponent of the block size. If the slogblocksize field in the superblock data is corrupted and too large, initnilfs and loadnilfs may still trigger a...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ext2: Check block size validity during mount It is necessary to ensure that the value of the block size recorded in the superblock is valid. Otherwise, the shift operation used to calculate the block size may overflow, resulting ...
Astra Linux – Vulnerability found in Linux 5.15, Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a slab out-of-bounds write in smbinheritdacl. The slab out-of-bounds write occurs because the offsets are larger than the allocation size of pntsd. This patch adds a check to validate the three offsets using the...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: nfc: nci: Fixed an uninitialized value in ncidevup and ncintfpacket. syzbot reported the following uninitialized value access issue 12: The ncirxwork function parses and processes received packets. When the payload length is...
Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: ksmbd: The validation of the request buffer size was added in smb2allocaterspbuf. The response buffer should be allocated in smb2allocaterspbuf before validation of the request. However, fields within the payload as well as the...
Astra Linux – Vulnerability in Linux 5.10, Linux, Linux 5.15
In the Linux kernel, the following vulnerabilities have been resolved: gfs2: Always check the inode size of inline inodes. Check whether the inode size of inline inodes is within the allowed range when reading inodes from the disk gfs2dinodein. This prevents on-disk corruption. The two checks in...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbAllocAG Syzbot identified a crash issue: UBSAN: shift-out-of-bounds in dbAllocAG. The underlying bug lies in the lack of a check on bmp-dbagl2size. This field can be larger than 64, leading t...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: video: fbdev: s3fb: Check the size of the screen before memsetio In the function s3fbsetpar, the value of ‘screensize’ is calculated based on user input. If the user provides an incorrect value, the value of ‘screensize’ may be...