EUVD-2026-39285

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...

CVE-2026-46411

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and...

CVE-2026-46411

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and...

CVE-2026-46411 FlashMQ: Client can trigger uncaught exception on FlashMQ 1.26.1 and older

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and...

CVE-2026-46411

FlashMQ is the MQTT broker/server affected by CVE-2026-46411. The issue affects versions prior to 1.26.2, where an authorized client can exceed the permitted over-commit of their write buffer, triggering an internal safe-guard exception in a path that is not catchable and causing the server to ab...

CVE-2026-46411 FlashMQ: Client can trigger uncaught exception on FlashMQ 1.26.1 and older

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and...

EUVD-2026-35872

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and...

PT-2026-48296

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.2, authorized clients have the ability to exceed the permitted over-commit of their write buffer and triggering an internal safe-guard exception. This exception was in a path that was not catchable, and...

UBUNTU-CVE-2026-45939

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in niusbinit In niusbinit, if niusbsetupinit fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, niusbsetupinit returns 0 on failure, whic...

AMD: CVE-2023-20585 IOMMU Write Buffer Vulnerability

The vulnerability assigned to this CVE could lead to corruption of guest encrypted memory. The mitigation for this vulnerability requires a Windows update. This CVE is being documented in the Security Update Guide to announce that the latest builds of Windows enable the mitigation and provide...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002939)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002939 advisory. The arcmsriopmessagexfer function in drivers/scsi/arcmsr/arcmsrhba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002651)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002651 advisory. The arcmsriopmessagexfer function in drivers/scsi/arcmsr/arcmsrhba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local...

Updated gnutls packages fix security vulnerability

Stack write buffer overflow. CVE-2025-9820...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988791)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988791 advisory. In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix read out-of-bounds in ubifswbufwritenolock Function ubifswbufwritenolock may access b...

CVE-2023-53524

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: Fix integer overflow in iwlwritetouserbuf An integer overflow occurs in the iwlwritetouserbuf function, which is called by the iwldbgfsmonitordataread function. static bool iwlwritetouserbufchar user userbuf,...

CVE-2023-53524 wifi: iwlwifi: pcie: Fix integer overflow in iwl_write_to_user_buf

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: pcie: Fix integer overflow in iwlwritetouserbuf An integer overflow occurs in the iwlwritetouserbuf function, which is called by the iwldbgfsmonitordataread function. static bool iwlwritetouserbufchar user userbuf,...

ceph: fix possible deadlock when holding Fwb to get inline_data

...

CVE-2025-38667

In the Linux kernel, the following vulnerability has been resolved: iio: fix potential out-of-bound write The buffer is set to 20 characters. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". To protect from OoB access, check that the input...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not properly limiting the write buffer size, which could lead to out-of-bounds writes...

CVE-2025-38484

In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters, count is truncated to the max available space in "simplewritetobuffer". But afterwards a string terminator is written to t...