CVE-2026-53134

The CVE concerns the Linux kernel netfilter nft_fib handling, where NFT_FIB_RESULT_OIFNAME’s destination register span could leak uninitialized kernel stack on lookup-fail paths due to incomplete writes. The fix replaces a bare dest = 0 with nft_fib_store_result(), padding the entire IFNAMSIZ, an...

CVE-2026-56099

OpenBSD before commit 6a23123 2026-06-18 contains an out-of-bounds read vulnerability in the mplsdoerror function within sys/netmpls/mplsinput.c that allows remote attackers to disclose kernel stack memory by sending crafted MPLS frames with 16 labels and no Bottom-of-Stack bit set...

JLSEC-2026-578

In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the event handler of the mctp i2c device reading bytes from an uninitialized memory location. Thi...

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: The PMK parameter is now passed as binary data, rather than hexadecimal data. It appears that the hexadecimal passphrase mechanism does not work on newer chips/firmwares e.g., BCM4387. There was actually...

OESA-2026-2073 llvm security update

LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...

OESA-2026-2072 llvm security update

LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010725)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010725 advisory. A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when...

OESA-2026-1968 llvm security update

LLVM is a compiler infrastructure designed for compile-time, link-time, runtime, and idle-time optimization of programs from arbitrary programming languages. Security Fixes: When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via floating-poin...

UBUNTU-CVE-2026-34945

Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Winch compiler contains a bug where a 64-bit table, part of the memory64 proposal of WebAssembly, incorrectly translated the table.size instruction. This bug could lead to disclosing data on the...

CLSA-2026-1772114900 glibc: Fix of CVE-2026-0915

CVE-2026-0915: fix leak of stack contents to configured DNS resolver when resolving a zero-valued network via getnetbyaddr/getnetbyaddrr with DNS NSS backend; sanitize network value and avoid passing uninitialized stack data to resolver...

OESA-2026-1199 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

Azure Linux 3.0 Security Update: clang (CVE-2024-7883)

The version of clang installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7883 advisory. - When using Arm Cortex-M Security Extensions CMSE, Secure stack contents can be leaked to Non-secure state via...

DEBIAN-CVE-2026-0915

Calling getnetbyaddr or getnetbyaddrr with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver...

PT-2026-3138

Name of the Vulnerable Software and Affected Versions GNU C Library versions 2.0 through 2.42 Description The GNU C Library contains a flaw where calling getnetbyaddr or getnetbyaddr r with a configured nsswitch.conf that specifies the library's DNS backend for networks, and querying for a...

UBUNTU-CVE-2025-40035

In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinputffuploadcompat to avoid info leak Struct ffeffectcompat is embedded twice inside uinputffuploadcompat, contains internal padding. In particular, there is a hole after struct ffreplay to satis...

CVE-2023-53715

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...

CVE-2023-53715 wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: cfg80211: Pass the PMK in binary instead of hex Apparently the hex passphrase mechanism does not work on newer chips/firmware e.g. BCM4387. It seems there was a simple way of passing it in binary all along, so use...

JLSEC-2025-37 libcurl's URL API function [curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers puny...

libcurl's URL API function curlurlget offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the macidn IDN backend. The conversion function then fills up the provided buffer exact...

PT-2025-49035

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to uninitialized data. Specifically, the issue involves a potential leak of uninitialized stack data to userspace within the media subsystem,...