673 matches found
CVE-2026-55999
A flaw was found in the glamorfontget function of the xorg-x11-server. This vulnerability, a heap buffer overflow, occurs when the server processes a specially crafted PCF font file where individual glyph metrics exceed the declared maximum bounds. An authenticated X client can exploit this by...
CVE-2026-40257 OP-TEE has SHA-3 accelerated finalize heap overflow
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.21.0 and prior to version 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one erro...
CVE-2026-40257
CVE-2026-40257 affects OP-TEE (Trusted Execution Environment) for Cortex-A with TrustZone. From versions 3.21.0 up to, but not including, 4.11.0, the ARM Crypto Extensions accelerated SHA-3 implementation has an off-by-one error that can cause a massive heap overflow, corrupting all TEE kernel me...
Accelerating the quantum-safe timeline
The quantum-safe timeline has changed For years, planning for post-quantum cryptography PQC was framed as a future problem: important, inevitable, but distant. That perspective is evolving as technology advances and organizations prepare for the scale and complexity of the transition ahead. At...
CVE-2026-53203
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...
EUVD-2026-39262
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...
CVE-2026-53171
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: iio: accel: adxl380: Avoid reading more entries than are present in the FIFO. The interrupt handler reads FIFO entries in batches of N samples, where N is the number of scan elements that have been enabled. However, the sensor...
EulerOS Virtualization 2.10.0 : openssl (EulerOS-SA-2026-2058)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...
EulerOS Virtualization 2.13.1 : openssl (EulerOS-SA-2026-2142)
According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Writing large, newline-free data into a BIO chain using the line-buffering filter where the next BIO performs short...
CVE-2026-33662
OP-TEE is a Trusted Execution Environment TEE designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. From 3.8.0 to 4.10, in the function emsapkcs1v15encode in core/drivers/crypto/cryptoapi/acipher/rsassa.c, the amount of padding needed, "...
CVE-2026-42781
When embedded Packet Velocity Acceleration ePVA acceleration is configured, undisclosed local ethernet traffic can cause an increase in ePVA and Traffic Management Microkernel TMM resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...
CVE-2026-40618
When an SSL profile is configured on a virtual server on BIG-IP Virtual Edition VE without Intel QuickAssist Technology QAT or on BIG-IP hardware platforms with the database variable crypto.hwacceleration set to disabled, undisclosed traffic can cause the Traffic Management Microkernel TMM to...
SUSE CVE-2025-71308
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...
SUSE CVE-2026-45931
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
Evidence at the Moment of Attack. Answers at AI Speed.
Wiz Sensor Forensics is now generally available - automatically capturing forensic artifacts at the moment of detection and using AI to accelerate investigation for SOC and IR teams...
EUVD-2026-32215
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
CVE-2026-45931
In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Hold mm structure across iommusvaunbinddevice Some tests trigger a crash in iommusvaunbinddevice due to accessing iommumm after the associated mm structure has been freed. Fix this by taking an explicit reference t...
CVE-2026-46060
crypto: qat - fix IRQ cleanup on 6xxx probe failure...
USN-8278-2: Linux kernel (Azure) vulnerabilities
It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...