UBUNTU-CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

EUVD-2026-32776

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149 scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show()

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

CVE-2026-46149

Summary: CVE-2026-46149 affects the Linux kernel SCSI target subsystem, specifically the configfs path in tg_pt_gp_members_show(). The function formats LUN paths with snprintf() into a 256-byte stack buffer and then copies cur_len bytes via memcpy(), but snprintf() may return a length that exceed...

PT-2026-44272

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tg pt gp members show target tg pt gp members show formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy cur len bytes from that buffer. snprintf returns t...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with the snprintf return value in the scsitargetconfigfs function’s tgptgpmembersshow. This...

SUSE CVE-2019-9719

A stack-based buffer overflow in the subtitle decoder in Libav 12.3 allows attackers to corrupt the stack via a crafted video file in Matroska format, because srttoass in libavcodec/srtdec.c misuses snprintf. NOTE: Third parties dispute that this is a vulnerability because “no evidence of a...

SUSE CVE-2022-50299

In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf returns the number of characters generated from...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fixed a potential buffer overflow in ‘dpdscclockenread’. Inform snprintf to store at most 10 bytes in the output buffer instead of 30. The issue was fixed in:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021581 advisory. In the Linux kernel, the following vulnerability has been resolved: bnxt: Do not read past the end of test names Test names were being concatenated based on a offset...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel error caused by a write operation in read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: md: Replace snprintf with scnprintf Current code produces a warning as shown below when total characters in the constituent block device names plus the slashes exceeds 200. snprintf returns the number of characters generated from...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: SCSI: QLA2XXX – Array index may go out of bound Klocwork reports that the array “vha-hoststr” of size 16 may use index values 16–19. It is recommended to use snprintf instead of sprintf...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: dev/parport: Fixed the array out-of-bounds issue caused by sprintf. The issue was addressed by replacing sprintf with snprintf, resulting in safer data copying and ensuring that the destination buffer is not overflowed. Below ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix showrcutaskstracegpkthread buffer overflow There is a possibility of buffer overflow in showrcutaskstracegpkthread if counters, passed to sprintf are huge. Counter numbers, needed for this are unrealistically high,...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: bna: Adjust the ‘name’ buffer size of bnatcb and bnaccb structures. To ensure there is enough space to store all possible arguments for sprintf. Currently, the ‘name’ size is 16 characters, but the first '%s' specifier may...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Debug: Fixed a potential buffer overflow caused by snprintf. The snprintf function returns the size of the string that would be filled if it exceeds the given buffer size. Therefore, using this value may lead to a buff...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013752)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013752 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow A buffer overflow...