CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: L2CAP: Fixed a stack-out-of-bounds read in l2capecredconnreq. Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd, which is triggered by a malformed Enhanced Credit Based Connection Request. The...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: wifi: brcmfmac: Ensure that the CLM version is terminated with null characters to prevent a stack-out-of-bounds issue. A stack-out-of-bounds read occurred in brcmfmac when a buffer that is not terminated with null characters w...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: MGMT: fixed a crash in setmeshsync and setmeshcomplete. There is a bug: KASAN: a stack-out-of-bounds issue in setmeshsync, caused by memcpy from a poorly declared on-stack flexible array. Another crash occurs in...

Astra Linux - уязвимость в linux-5.10, linux, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: riscv: Use READONCENOCHECK in the imprecise unwinding stack mode. When CONFIGFRAMEPOINTER is not set, the stack unwinding function walkstackframe randomly reads from the stack. When KASAN is enabled, this can lead to the followin...

CVE-2026-43453

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: fix stack out-of-bounds read in pipapodrop pipapodrop passes rulemapi + 1.n to pipapounmap as the tooffset argument on every iteration, including the last one where i == m-fieldcount - 1. This reads one...

CVE-2026-43453

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: fix stack out-of-bounds read in pipapodrop pipapodrop passes rulemapi + 1.n to pipapounmap as the tooffset argument on every iteration, including the last one where i == m-fieldcount - 1. This reads one...

SUSE CVE-2026-31778

In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in initcard The loop creates a whitespace-stripped copy of the card shortname where len id is used for the bounds check. Since sizeofcard-id is 16 and the local id buffer is also 16 bytes...

Linux Distros Unpatched Vulnerability : CVE-2026-42480

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based out-of-bounds read vulnerability in VrmlDataScene::ReadLine in the VRML parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a...

CVE-2026-31778

A flaw was found in the Linux kernel's ALSA caiaq driver. A local user with a specially crafted USB device, containing a product name with many non-ASCII or non-space characters, can trigger a stack out-of-bounds read. This vulnerability allows the system to read past the end of a stack buffer,...

PT-2026-34418

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap ecred conn req Syzbot reported a KASAN stack-out-of-bounds read in l2cap build cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006923)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006923 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: ensure CLM version is null-terminated to prevent stack-out-of-bounds Fix a...

CVE-2022-50828

In the Linux kernel, the following vulnerability has been resolved: clk: zynqmp: Fix stack-out-of-bounds in strncpy "BUG: KASAN: stack-out-of-bounds in strncpy+0x30/0x68" Linux-ATF interface is using 16 bytes of SMC payload. In case clock name is longer than 15 bytes, string terminated NULL...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-992192)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992192 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinitdcmds This patch fixes a...

EUVD-2025-203688

In the Linux kernel, the following vulnerability has been resolved: bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv, ...; queuedst = pushstack...; widenimprecisescalarsenv, prevst,...

Linux Distros Unpatched Vulnerability : CVE-2025-68208

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: account for current allocated stack depth in widenimprecisescalars The usage pattern for widenimprecisescalars looks as follows: prevst = findpreventryenv...

OESA-2025-2805 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. Th...

CVE-2023-53717 wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback()

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9kwmirspcallback Fix a stack-out-of-bounds write that occurs in a WMI response callback function that is called after a timeout occurs in ath9kwmicmd. The callback writes...

CVE-2023-53717

CVE-2023-53717 affects the ath9k wireless driver in the Linux kernel, where a WMI response callback could write to a stack-allocated buffer after a timeout, risking a stack-out-of-bounds write. The issue is documented as fixed in SUSE kernel live patches (e.g., SUSE-SU-2026:0200-1, SUSE-SU-2026:0...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the CLM version of strings not ending with a null character, which could lead to a stack out-of-bounds read...