EUVD-2026-32891

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

x86/shstk: Prevent deadlock during shstk sigreturn

...

SUSE CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

SUSE CVE-2026-45876

In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...

SUSE CVE-2026-46063

In the Linux kernel, the following vulnerability has been resolved: x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack using normal read accesses. When it can't assume the memory is shadow...

CVE-2026-45876

A flaw was found in the Linux kernel. Improper error handling in the archsetshadowstackstatus function, specifically related to allocgcs, could lead to the use of an invalid Global Context Structure GCS address. This issue may allow a local attacker to cause system instability or a denial of...

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

kernel: Bluetooth: MGMT: validate LTK enc_size on load

A flaw was found in the Linux kernel's Bluetooth management MGMT component. An attacker could exploit a vulnerability in how Long Term Keys LTK are loaded. By providing an oversized encryption size, a stack buffer overflow can occur, potentially leading to a denial of service...

PT-2026-44494

Music Player Daemon MPD before version 0.24.11 contains a stack buffer overflow vulnerability in the pcm unpack 24be function in src/pcm/Pack.cxx that allows unauthenticated attackers to corrupt stack memory by triggering an off-by-one write in the PCM decoder plugin. Attackers can issue two MPD...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the rtnlfillvfinfo function in rtnetlink does not initialize the iflavfbroadcast...

PT-2026-44305

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel stack memory leak occurs in the pseries/papr-hvpipe component. The hdr variable is allocated on the stack, but only hdr.version and hdr.flags are explicitly initialized. Since t...

PT-2026-44296

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where an exiting task that experiences an oops a kernel panic that does not require a full system reboot can be preempted during the execution of do task dead. This occur...

PT-2026-44255

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack information leak exists in the rtnl fill vfinfo function. The function declares a struct ifla vf broadcast on the stack without initialization. This structure contains a 32-byte...

PT-2026-44386

Name of the Vulnerable Software and Affected Versions CryptX versions prior to 0.088 001 Description A stack buffer overflow exists in four AEAD decrypt verify helpers. The XS routines gcm decrypt verify, ccm decrypt verify, chacha20poly1305 decrypt verify, and eax decrypt verify copy a...

XCharge C6 安全漏洞

XCharge C6 is a series of intelligent electric vehicle DC charging stations developed by the German company XCharge. The XCharge C6 has a security vulnerability, which stems from a stack-based buffer overflow in the signal processing logic. Attackers can exploit this vulnerability by physically...

PT-2026-44272

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A buffer overflow occurs in the target tg pt gp members show function when formatting LUN paths using snprintf into a 256-byte stack buffer. Because iSCSI IQN names can reach 223 bytes,...

Linux Distros Unpatched Vulnerability : CVE-2026-46063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/shstk: Prevent deadlock during shstk sigreturn During sigreturn the shadow stack signal frame is popped. The kernel does this by reading the shadow stack...

CryptX 安全漏洞

CryptX is a open-source cryptographic toolkit developed by DCIT, based on various encryption algorithms. Versions of CryptX prior to 0.088001 contained security vulnerabilities. These vulnerabilities stemmed from stack buffer overflows in four AEAD decryption validation functions, which could all...