186 matches found

CVE
added yesterday, 9 views

CVE-2026-46601

The CVE affects the webp decoder in golang.org/x/image (webp). A VP8 chunk with dimensions that do not match the canvas size can cause a panic in processing, per the CVE record. No explicit exploit details or remediation are provided in the connected documents; they only describe the vulnerabilit...

5.8 AI score
Exploits: 0, References: 3

CVE
added yesterday, 5 views

CVE-2026-53203

The CVE-2026-53203 issue concerns the Linux kernel’s accel/ivpu MS get_info_ioctl path. The root cause is insufficient validation of the info size returned from the metric stream info query against the allocated buffer, which could lead to a buffer overflow. The documented fix adds a validation s...

6 AI score, 0.00193 EPSS
Exploits: 0, References: 4

AstraLinux
added last week, 2 views

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

An issue was discovered in the Linux kernel before version 5.19. In the pxa3xx_gcu_write function in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict between size_t and int, which causes an integer overflow and bypasses the size check. Additionally, since this parameter is us...

6.1 CVSS, 6.5 AI score, 0.00565 EPSS
Exploits: 0, References: 2

AstraLinux
added last week, 5 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: crypto: virtio/akcipher – Fixed stack overflows when using memcpy. The value of sizeof(struct virtio_crypto_akcipher_session_para) is less than sizeof(struct virtio_crypto_op_ctrl_req::u). Copying more bytes from the stack variable leads ...

7.8 CVSS, 6.2 AI score, 0.0027 EPSS
Exploits: 0, References: 2

AstraLinux
added last week, 4 views

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel 6.0.8, there is a use-after-free in the run_unpack function in fs/ntfs3/run.c, which is related to a difference between the NTFS sector size and the media sector size...

7.8 CVSS, 6.6 AI score, 0.00386 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2026/06/18 12:00 a.m., 9 views

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23238)

In the Linux kernel, the following vulnerability has been resolved: romfs: check sb_set_blocksize() return value. romfs_fill_super() ignores the return value of sb_set_blocksize(), which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by setti...

5.5 CVSS, 5.7 AI score, 0.00189 EPSS
Exploits: 0, References: 3

RedhatCVE
added 2026/06/09 4:38 p.m., 10 views

CVE-2026-46325

A flaw was found in the Linux kernel's Remote Direct Memory Access (RDMA) subsystem, specifically within the rxe component. This vulnerability arises from an incorrect conversion of I/O Virtual Addresses (iova) to Virtual Addresses (va) when Memory Regions (MRs) have page sizes that differ from the...

9.8 CVSS, 5.6 AI score, 0.00347 EPSS
Exploits: 0, References: 4

OSV
added 2026/06/09 2:16 p.m., 5 views

UBUNTU-CVE-2026-46325

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE. The current implementation incorrectly handles memory regions (MRs) with page sizes different from the system PAGE_SIZE. The core issue is that rxe_set_page() is called...

9.8 CVSS, 5.3 AI score, 0.00347 EPSS
Exploits: 0, References: 3

Cvelist
added 2026/06/09 12:25 p.m., 27 views

CVE-2026-46325 RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE. The current implementation incorrectly handles memory regions (MRs) with page sizes different from the system PAGE_SIZE. The core issue is that rxe_set_page() is called...

9.8 CVSS, 0.00347 EPSS
Exploits: 0, References: 3

EUVD
added 2026/06/09 12:25 p.m., 8 views

EUVD-2026-35426

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE. The current implementation incorrectly handles memory regions (MRs) with page sizes different from the system PAGE_SIZE. The core issue is that rxe_set_page() is called...

5.4 AI score, 0.00347 EPSS
Exploits: 0, References: 3

CNNVD
added 2026/06/09 12:00 a.m., 8 views

Linux kernel security vulnerability

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect handling of the iova to va conversion when the MR page size in RDMA/rxe differs from the...

9.8 CVSS, 5.3 AI score, 0.00347 EPSS
Exploits: 0, References: 1

Tenable Nessus
added 2026/06/09 12:00 a.m., 15 views

Linux Distros Unpatched Vulnerability : CVE-2026-46325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/rxe: Fix iova-to-va conversion for MR page sizes != PAGE_SIZE. The current implementation incorrectly handles memory regions (MRs) with page sizes different fr...

9.8 CVSS, 5.4 AI score, 0.00347 EPSS
Exploits: 0, References: 4

RedhatCVE
added 2026/06/05 7:42 p.m., 9 views

CVE-2025-59613

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

6.7 CVSS, 5.7 AI score, 0.00078 EPSS
Exploits: 0, References: 1

EUVD
added 2026/06/02 12:31 a.m., 10 views

EUVD-2025-210026

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

6.7 CVSS, 5.9 AI score, 0.00078 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2026/06/01 10:05 p.m., 6 views

CVE-2025-59613

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

6.7 CVSS, 5.9 AI score, 0.00078 EPSS
Exploits: 0, References: 2

Positive Technologies
added 2026/06/01 12:00 a.m., 11 views

PT-2026-45636

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation...

6.7 CVSS, 5.9 AI score, 0.00078 EPSS
Exploits: 0, References: 2

NVD
added 2026/05/29 7:16 p.m., 16 views

CVE-2026-46344

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

5.3 CVSS, 0.00305 EPSS
Exploits: 0, References: 2

ATTACKERKB
added 2026/05/29 6:08 p.m., 10 views

CVE-2026-46344

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. Prior to 0.16.0, an out-of-bounds read has been identified in the XMSS and XMSS^MT stateful signature verification code. When the verification function is called with a...

5.3 CVSS, 5.8 AI score, 0.00305 EPSS
Exploits: 0, References: 3, Affected Software: 1

AstraLinux
added 2026/05/20 5:53 a.m., 5 views

Astra Linux - vulnerability in linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Change AMDGPU_VA_RESERVED_TRAP_SIZE to 64KB. Currently, AMDGPU_VA_RESERVED_TRAP_SIZE is hardcoded to 8KB, while KFD_CWSR_TBA_TMA_SIZE is defined as 2 * PAGE_SIZE. On systems with 4K pages, both values match 8KB, so allocation and...

5.5 CVSS, 5.7 AI score, 0.00122 EPSS
Exploits: 0, References: 1

OSV
added 2026/05/18 8:11 p.m., 8 views

GHSA-R6C9-G6Q5-QRF9 OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size

Summary: The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can read beyond the fallback buffer and leak adjacent memory into telemetry. Details...

5.9 CVSS, 5.9 AI score, 0.00287 EPSS
Exploits: 1, References: 4