SUSE CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

CVE-2026-45684 OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

CVE-2026-45684

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

CVE-2026-45684 OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

EUVD-2026-33957

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. From version 0.7.0 to before version 0.9.0, OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log...

CVE-2026-45684

OpenTelemetry eBPF Instrumentation (OBI) log enricher vulnerability CVE-2026-45684: in versions 0.7.0–0.8.x, the writev path mishandles buffers by reading only the first iovec entry while using the total iov_iter.count for the copy length. When log injection is enabled, a crafted multi-segment wr...

GHSA-VVMG-8MJR-G6Q3 OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

Summary OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log injection is enabled, a crafted multi-segment writev call can make OBI read and overwrite memory beyond the first segment. Details In...

OpenTelemetry eBPF Instrumentation: Log enricher writev path can overread and overwrite user buffers

Summary OBI's log enricher mishandles writev buffers by reading only the first iovec entry but using the total ioviter.count as the copy length. When log injection is enabled, a crafted multi-segment writev call can make OBI read and overwrite memory beyond the first segment. Details In...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000730)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000730 advisory. The fusefillwritepages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service infinite loop via a writev system ca...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000587)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000587 advisory. The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service integer overflow,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002338)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002338 advisory. The fusefillwritepages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service infinite loop via a writev system ca...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002329 advisory. The cifsiovecwrite function in fs/cifs/file.c in the Linux kernel through 3.13.5 does not properly handle uncached write operations that copy fewer than the requeste...

EUVD-2015-8657

Malware in sbrugna...

EUVD-2008-7267

Malware in sbrugna...

EUVD-2006-1856

Malware in sbrugna...

SUSE CVE-2022-49171

In the Linux kernel, the following vulnerability has been resolved: ext4: don't BUG if someone dirty pages without asking ext4 first unpinuserpagesremote is dirtying pages without properly warning the file system in advance. A related race was noted by Jan Kara in 20181; however, more recently...

UBUNTU-CVE-2022-49171

In the Linux kernel, the following vulnerability has been resolved: ext4: don't BUG if someone dirty pages without asking ext4 first unpinuserpagesremote is dirtying pages without properly warning the file system in advance. A related race was noted by Jan Kara in 20181; however, more recently...

UBUNTU-CVE-2024-42256

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will call cifspreparewrite which will make cifs repick the server for the op before renegotiating credits; it then calls...

PT-2024-7517 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the smb2 async writev function in the Linux kernel, which is responsible for handling server re-repick on subrequest retry. When a subrequest is marked for...

SUSE CVE-2006-1856

Certain modifications to the Linux kernel 2.6.16 and earlier do not add the appropriate Linux Security Modules LSM filepermission hooks to the 1 readv and 2 writev functions, which might allow attackers to bypass intended access restrictions...