D-Link DIR-825M 缓冲区错误漏洞

The D-Link DIR-825M is a router produced by D-Link Corporation. Version 1.1.12 of the D-Link DIR-825M contains a buffer overflow vulnerability. This vulnerability arises from the parameter submit-url in the function sub4151FC in the file /file/boafrm/formVpnConfigSetup, which leads to a buffer...

D-Link DIR-825M 缓冲区错误漏洞

The D-Link DIR-825M is a router produced by D-Link Corporation. Version 1.1.12 of the D-Link DIR-825M contains a buffer overflow vulnerability. This vulnerability arises from the parameter submit-url in the function sub414BA8 within the file /file/boafrm/formWanConfigSetup, which leads to a buffe...

drm/amdgpu: Fix fence put before wait in amdgpu_amdkfd_submit_ib

...

usbip: validate number_of_packets in usbip_pack_ret_submit()

...

Linux Distros Unpatched Vulnerability : CVE-2026-31566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: Fix fence put before wait in amdgpuamdkfdsubmitib amdgpuamdkfdsubmitib submits a GPU job and gets a fence from amdgpuibschedule. This fence is used ...

CVE-2026-31607

A flaw was found in the Linux kernel's USB/IP subsystem. A malicious USB/IP server could exploit a vulnerability in the usbippackretsubmit function by sending a specially crafted RETSUBMIT response. This response, containing an oversized numberofpackets value, could cause a heap out-of-bounds...

DEBIAN-CVE-2026-31607

In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...

CVE-2026-31607

CVE-2026-31607 (Linux kernel USB/IP) : A RET_SUBMIT response can cause an out-of-bounds write when usbip_pack_ret_submit() overwrites urb->number_of_packets without validation. The loop bound in usbip_recv_iso()/usbip_pad_iso() then writes beyond urb->iso_frame_desc[], triggering a heap OOB...

CVE-2026-31607 usbip: validate number_of_packets in usbip_pack_ret_submit()

In the Linux kernel, the following vulnerability has been resolved: usbip: validate numberofpackets in usbippackretsubmit When a USB/IP client receives a RETSUBMIT response, usbippackretsubmit unconditionally overwrites urb-numberofpackets from the network PDU. This value is subsequently used as...

PT-2026-34918

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix fence put before wait in amdgpu amdkfd submit ib amdgpu amdkfd submit ib submits a GPU job and gets a fence from amdgpu ib schedule. This fence is used to wait for job completion. Currently, the code drops the fen...

PT-2026-34959

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A heap out-of-bounds write exists in the USB/IP client. The function usbip pack ret submit unconditionally overwrites the number of packets variable from the network PDU. A malicious...

EUVD-2026-24814

In the Linux kernel, the following vulnerability has been resolved: erofs: add GFPNOIO in the bio completion if needed The bio completion path in the process context e.g. dm-verity will directly call into decompression rather than trigger another workqueue context for minimal scheduling latencies...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-006939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006939 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submitbhwbc Fix a bug where nilfsgetblock returns a successful stat...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011201)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011201 advisory. In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by...

CVE-2026-23756

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in ControllerStep.InsertSubmit and EditSubmit before being rendered by ViewStep.RenderViewSteps. An authenticated staff member can inject...

CVE-2026-23756 GFI HelpDesk < 4.99.9 Stored XSS via Troubleshooter Step Subject

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in ControllerStep.InsertSubmit and EditSubmit before being rendered by ViewStep.RenderViewSteps. An authenticated staff member can inject...

CVE-2026-23758 GFI HelpDesk < 4.99.9 Stored XSS via editsubject Parameter

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the editsubject POST parameter. Attackers can inject XSS payloads through inadequate sanitization in...

PT-2026-33814

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the Troubleshooter module where the subject POST parameter is not sanitized in Controller Step.InsertSubmit and EditSubmit before being rendered by View Step.RenderViewSteps. An authenticated staff member can injec...

PT-2026-33815

GFI HelpDesk before 4.99.9 contains a stored cross-site scripting vulnerability in the ticket subject field that allows authenticated staff members to inject malicious JavaScript by manipulating the editsubject POST parameter. Attackers can inject XSS payloads through inadequate sanitization in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006802 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submitbhwbc Fix a bug where nilfsgetblock returns a successful stat...