16 matches found
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa – Fix for the asyncdisable descriptor leak The paths for disabling asyncdisable in functions like iaacompress and decompress do not free the idxd descriptors when asyncdisable is set. Currently, this issue only occurs...
SUSE CVE-2026-31748
In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...
Astra Linux - уязвимость в linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...
EUVD-2026-26561
In the Linux kernel, the following vulnerability has been resolved: comedi: medaq: Fix potential overrun of firmware buffer me2600xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format. ...
CVE-2026-31747 comedi: me4000: Fix potential overrun of firmware buffer
In the Linux kernel, the following vulnerability has been resolved: comedi: me4000: Fix potential overrun of firmware buffer me4000xilinxdownload loads the firmware that was requested by requestfirmware. It is possible for it to overrun the source buffer because it blindly trusts the file format...
PT-2026-36383
In the Linux kernel, the following vulnerability has been resolved: comedi: me daq: Fix potential overrun of firmware buffer me2600 xilinx download loads the firmware that was requested by request firmware. It is possible for it to overrun the source buffer because it blindly trusts the file...
SUSE CVE-2025-38103
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhidparse Update struct hiddescriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note: the kernel currently...
AZL-64610 CVE-2025-38103 affecting package kernel for versions less than 6.6.96.1-1
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhidparse Update struct hiddescriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note: the kernel currently...
kernel: maple_tree: correct tree corruption on spanning store
In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...
CVE-2025-21972 net: mctp: unshare packets when reassembling
In the Linux kernel, the following vulnerability has been resolved: net: mctp: unshare packets when reassembling Ensure that the fraglist used for reassembly isn't shared with other packets. This avoids incorrect reassembly when packets are cloned, and prevents a memory leak due to circular...
UBUNTU-CVE-2022-49187
In the Linux kernel, the following vulnerability has been resolved: clk: Fix clkhwgetclk when dev is NULL Any registered clkcore structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clkregister and clkhwregister with a NULL...
UBUNTU-CVE-2024-57947
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfsetpipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrict it to the size of the first field, not the total field size. After each round in the map search step, the result a...
SUSE CVE-2024-50200
In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...
DEBIAN-CVE-2024-50200
In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...
UBUNTU-CVE-2024-50200
In the Linux kernel, the following vulnerability has been resolved: mapletree: correct tree corruption on spanning store Patch series "mapletree: correct tree corruption on spanning store", v3. There has been a nasty yet subtle maple tree corruption bug that appears to have been in existence sinc...
DEBIAN-CVE-2024-35926
In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix asyncdisable descriptor leak The disableasync paths of iaacompress/decompress don't free idxd descriptors in the asyncdisable case. Currently this only happens in the testcases where req-dst is set to null. Add ...