CVE-2026-45881 soc: mediatek: svs: Fix memory leak in svs_enable_debug_write()

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: svs: Fix memory leak in svsenabledebugwrite In svsenabledebugwrite, the buf allocated by memdupusernul is leaked if kstrtoint fails. Fix this by using freekfree to automatically free buf, eliminating the need for...

CVE-2026-45878

The CVE-2026-45878 issue affects the Linux kernel’s AMD GPU driver (drm/amdkfd) where debug address watch (watch_id) handling could overflow memory due to mixing unsigned watch_id with signed checks. The root cause is insufficient bounds validation for watch_id, which could be large enough to acc...

CVE-2026-45878 drm/amdkfd: Fix watch_id bounds checking in debug address watch v2

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix watchid bounds checking in debug address watch v2 The address watch clear code receives watchid as an unsigned value u32, but some helper functions were using a signed int and checked bits by shifting with watchid...

CVE-2026-45878

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix watchid bounds checking in debug address watch v2 The address watch clear code receives watchid as an unsigned value u32, but some helper functions were using a signed int and checked bits by shifting with watchid...

PT-2026-43745

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix watch id bounds checking in debug address watch v2 The address watch clear code receives watch id as an unsigned value u32, but some helper functions were using a signed int and checked bits by shifting with watch...

CVE-2026-45878

drm/amdkfd: Fix watchid bounds checking in debug address watch v2...

PT-2026-43748

In the Linux kernel, the following vulnerability has been resolved: soc: mediatek: svs: Fix memory leak in svs enable debug write In svs enable debug write, the buf allocated by memdup user nul is leaked if kstrtoint fails. Fix this by using freekfree to automatically free buf, eliminating the ne...

PT-2026-43881

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description In the KVM SVM component, there is a failure in the save and restore handling of Last Branch Record LBR Model Specific Registers MSRs. Specifically, MSR IA32 DEBUGCTLMSR and LBR MSRs are no...

PT-2026-43990

IBM Guardium Data Protection 12.2.1, and 12.2.2 's add-on feature of Guardium Data Protection named "Long Term Retention" LTR can expose sensitive credentials in debug mode...

IBM Guardium Data Protection 信息泄露漏洞

IBM Guardium Data Protection is a comprehensive data security platform developed by the American company International Business Machines IBM. Versions 12.2.1 and 12.2.2 of IBM Guardium Data Protection contain information leakage vulnerabilities. These vulnerabilities stem from the Long Term...

Information Exposure

Overview Affected versions of this package are vulnerable to Information Exposure via the debugMode process. An attacker can obtain sensitive server-side source code and file contents by provoking a runtime error in a served script. Remediation Upgrade github.com/xyproto/algernon/engine to versio...

CVE-2026-45728

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

CVE-2026-45728

CVE-2026-45728 (Algernon) exposes server-side source on error when running in single-file mode. Prior to 1.17.7, invoking Algernon with a file path (not a dir) forces singleFileMode, which enables debugMode and renders PrettyError pages that reveal the absolute path and full contents of the error...

CVE-2026-45728 Algernon: Single-file mode unconditionally enables debug mode

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

CVE-2026-45728

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

EUVD-2026-31868

Algernon is a small self-contained pure-Go web server. Prior to 1.17.7, when Algernon is invoked with a single file path instead of a directory, singleFileMode is set to true and debugMode is forcibly enabled. debugMode activates the PrettyError renderer, which on any Lua or template error respon...

CVE-2026-47728

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

CVE-2026-47728 Bugsink: Project scoping missing in sourcemap and debug-file lookup

Bugsink is a self-hosted error tracking tool. Prior to 2.2.0, Bugsink resolved sourcemaps and debug files by debug ID without scoping that lookup to the project that owned the uploaded metadata. An authenticated user with access to one project could cause event processing in that project to use...

CVE-2026-47728

Bugsink (self-hosted error tracking) prior to 2.2.0 stores and looks up sourcemaps and debug files by debug ID without scoping to the owning project. An authenticated user with access to one project could cause event processing in that project to use sourcemap/debug-file metadata uploaded for ano...