CVE-2026-31626
- EPSS 0.29%
- Veröffentlicht 24.04.2026 14:42:47
- Zuletzt bearbeitet 01.06.2026 17:16:53
In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify() Initialize le_tmp64 to zero in rtw_BIP_verify() to prevent using uninitialized data. Smatch warns that only 6 bytes are...
CVE-2026-31625
- EPSS 0.13%
- Veröffentlicht 24.04.2026 14:42:42
- Zuletzt bearbeitet 01.06.2026 17:16:53
In the Linux kernel, the following vulnerability has been resolved: HID: alps: fix NULL pointer dereference in alps_raw_event() Commit ecfa6f34492c ("HID: Add HID_CLAIMED_INPUT guards in raw_event callbacks missing them") attempted to fix up the HI...
CVE-2026-31624
- EPSS 0.13%
- Veröffentlicht 24.04.2026 14:42:41
- Zuletzt bearbeitet 01.06.2026 17:16:53
In the Linux kernel, the following vulnerability has been resolved: HID: core: clamp report_size in s32ton() to avoid undefined shift s32ton() shifts by n-1 where n is the field's report_size, a value that comes directly from a HID device. The HID...
CVE-2026-31623
- EPSS 0.13%
- Veröffentlicht 24.04.2026 14:42:40
- Zuletzt bearbeitet 01.06.2026 17:16:53
In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() A malicious USB device claiming to be a CDC Phonet modem can overflow the skb_shared_info->frags[] array by sending ...
CVE-2026-31621
- EPSS 0.12%
- Veröffentlicht 24.04.2026 14:42:39
- Zuletzt bearbeitet 28.04.2026 14:05:14
In the Linux kernel, the following vulnerability has been resolved: bnge: return after auxiliary_device_uninit() in error path When auxiliary_device_add() fails, the error block calls auxiliary_device_uninit() but does not return. The uninit drops...
CVE-2026-31622
- EPSS 0.28%
- Veröffentlicht 24.04.2026 14:42:39
- Zuletzt bearbeitet 01.06.2026 17:16:53
In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digital_in_recv_sdd_res() appends 3 or 4 bytes to target->nfcid1 on each ...
CVE-2026-31620
- EPSS 0.2%
- Veröffentlicht 24.04.2026 14:42:38
- Zuletzt bearbeitet 28.04.2026 14:11:42
In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing bInterfaceNumber=1 but...
CVE-2026-31618
- EPSS 0.13%
- Veröffentlicht 24.04.2026 14:42:37
- Zuletzt bearbeitet 01.06.2026 17:16:52
In the Linux kernel, the following vulnerability has been resolved: fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that sam...
CVE-2026-31619
- EPSS 0.13%
- Veröffentlicht 24.04.2026 14:42:37
- Zuletzt bearbeitet 01.06.2026 17:16:52
In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efr_status_names[] ...
CVE-2026-31617
- EPSS 0.13%
- Veröffentlicht 24.04.2026 14:42:36
- Zuletzt bearbeitet 15.07.2026 02:19:49
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() The block_len read from the host-supplied NTB header is checked against ntb_max but has no lower bound. When bloc...