840 matches found
SUSE CVE-2026-46257
In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/timer-sp804: Fix an Oops when readcurrenttimer is called on ARM32 platforms where the SP804 is not registered as the schedclock. On SP804, the delay timer shares the same clkevt instance with schedclock. On so...
CVE-2026-46257
The CVE-2026-46257 entry concerns the Linux kernel SP804 timer on ARM32. The root cause was that the delay timer shared a clkevt instance with sched_clock; when sp804_clocksource_and_sched_clock_init used use_sched_clock != 1, sched_clkevt was not properly initialized, and read_current_timer invo...
Linux Distros Unpatched Vulnerability : CVE-2026-45614
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology...
Exploit for Out-of-bounds Write in Redis
Docker Operations Create a Docker container docker comp...
CVE-2026-46147
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64 architectures. During the vCPU initialization process, a pin leak can occur, leading to a permanent loss of references to host vCPU and SVE state pages. Additionally, a concurrent process might observe a partially...
UBUNTU-CVE-2026-46147
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...
PT-2026-44270
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Two issues exist in the vCPU initialization path of the KVM arm64 component. First, a failure occurring after hyp pin shared mem succeeds can lead to a pin leak, where pin references on...
EUVD-2026-32342
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in archsetshadowstackstatus allocgcs returns an error-encoded pointer on failure, which comes from dommap, not NULL. The current NULL check fails to detect errors, which could lead to using an invali...
CVE-2026-46055
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...
UBUNTU-CVE-2026-46055
In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix string overrun due to missing termination When booting Ubuntu 26.04 with Linux 7.0-rc4 on an ARM64 Qualcomm Snapdragon X1 we see a string buffer overrun: BUG: KASAN: slab-out-of-bounds in aadfamatch...
CVE-2026-45876
In the Linux kernel, arm64/gcs fixes error handling in arch_set_shadow_stack_status. alloc_gcs() now detects error-encoded pointers returned by do_mmap() (not NULL) via IS_ERR_VALUE(), aligning with the check in gcs_alloc_thread_stack. The previous NULL-based check could fail to detect errors, ri...
PT-2026-43743
In the Linux kernel, the following vulnerability has been resolved: arm64/gcs: Fix error handling in arch set shadow stack status alloc gcs returns an error-encoded pointer on failure, which comes from do mmap, not NULL. The current NULL check fails to detect errors, which could lead to using an...
DEBIAN-CVE-2026-42627
In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...
USN-8296-1: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Drivers core; - Null block device drive...
Arm NN 安全漏洞
Arm NN is an open-source machine learning inference engine optimized for the Arm architecture, developed by Arm Software. Versions of Arm NN prior to 2026-03-27 contained a security vulnerability. This vulnerability stemmed from integer overflow in the TensorShape::GetNumElements function, which...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fixed an uninitialized memcache pointer in usermemabort The commit fce886a60207 "KVM: arm64: Examining the pKVM MMU in KVM" made the initialization of the local memcache variable in usermemabort conditional. As a...
Astra Linux - уязвимость в linux-5.10, linux
In the Linux kernel, the following vulnerability has been resolved: ARM: hisi: Added "ofnodeput" after "offindcompatiblenode" "offindcompatiblenode" will increment the refcount of the returned devicenode. Calling "ofnodeput" is necessary to avoid a refcount leak...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: ARM: fixed the cacheflush issue with PAN. It appears that the cacheflush syscall became corrupted when the LPAE PAN mechanism was implemented. User access was not enabled during the cache maintenance process, which caused the iss...
Astra Linux - уязвимость в linux
In the Linux kernel, the following vulnerabilities have been resolved: ARM: footbridge: fixed PCI interrupt mapping Since commit 30fdfb929e82 "PCI: added a call to pciassignirq in pcideviceprobe", the PCI code will call the IRQ mapping function whenever a PCI driver is probed. If these functions...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: net: ipv4: Fixed an alignment fault in the multipath hash seed for ARM64 architectures. The struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment...