CVE-2026-43443

A flaw was found in the Advanced Linux Sound Architecture ALSA System on Chip ASoC AMD Audio CoProcessor ACP machine common driver within the Linux kernel. The acpcardrt5682init and acpcardrt5682sinit functions failed to validate the return values from clock acquisition calls. This oversight coul...

CVE-2026-43437

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture PCM Pulse Code Modulation subsystem. A local attacker could exploit a use-after-free vulnerability by triggering a race condition when closing a linked audio stream. This could lead to system instability, denial of...

CVE-2026-43436

A flaw was found in the Linux kernel's ALSA Advanced Linux Sound Architecture USB-audio driver, specifically within the Scarlett2 mixer quirk. A local attacker could exploit this vulnerability by providing a specially crafted, malformed USB descriptor. This could lead to a NULL dereference in the...

CVE-2026-43412

A flaw was found in the Linux kernel's Advanced Linux Sound Architecture ALSA System on Chip ASoC subsystem, specifically within the Qualcomm qcom qdsp6 audio driver. During the stop and start process of the Audio Digital Signal Processor ADSP, an incorrect order of component removal can occur...

EUVD-2026-28604

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix dsc eDP issue why Need to add function hook check before use...

CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

UBUNTU-CVE-2026-43382

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid double-rtnllock ELP metric worker batadvvelpgetthroughput might be called when the RTNL lock is already held. This could be problematic when the work queue item is cancelled via canceldelayedworksync in...

CVE-2026-43443

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp-mach-common: Add missing error check for clock acquisition The acpcardrt5682init and acpcardrt5682sinit functions did not check the return values of clkget. This could lead to a kernel crash when the invalid pointe...

CVE-2026-43367

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix a few more NULL pointer dereference in device cleanup I found a few more paths that cleanup fails due to a NULL version pointer on unsupported hardware. Add NULL checks as applicable. cherry picked from commit...

CVE-2026-43310

In the Linux kernel, the following vulnerability has been resolved: media: verisilicon: Avoid G2 bus error while decoding H.264 and HEVC For the i.MX8MQ platform, there is a hardware limitation: the g1 VPU and g2 VPU cannot decode simultaneously; otherwise, it will cause below bus error and produ...

EUVD-2026-28534

A vulnerability in Legion of the Bouncy Castle Inc. BC-FJA BC-FIPS on Linux, X8664, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-FJA: from 2.1.0 through 2.1.2...

Bouncy Castle has a vulnerability in program files gcm128w, gcm512w

A vulnerability in Legion of the Bouncy Castle Inc. BC-FJA BC-FIPS on Linux, X8664, AVX, AVX-512f. This vulnerability is associated with program files gcm128w, gcm512w. This issue affects BC-FJA: from 2.1.0 through 2.1.2...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an issue with the dsc eDP driver in AMD’s drivers, where function hook checks are missing...

PT-2026-38947

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A mismatched unlock for the DMUB HW lock in the HWSS fast path occurs in the Linux kernel. This happens because the evaluation for whether the DMUB HW lock is required differs from the...

Linux Distros Unpatched Vulnerability : CVE-2026-43436

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ALSA: usb-audio: Check endpoint numbers at parsing Scarlett2 mixer interfaces The Scarlett2 mixer quirk in USB-audio driver may hit a NULL dereference when a...

rust-openssl vulnerable to heap buffer overflow when encrypting with AES key-wrap-with-padding

CipherCtxRef::cipherupdate, CipherCtxRef::cipherupdatevec, and symm::Crypter::update incorrectly sized output buffers when used with AES key-wrap-with-padding ciphers EVPaes128,192,256wrappad. For a non-multiple-of-8 input, OpenSSL writes up to 7 bytes past the end of the caller's buffer or Vec,...

Security Bulletin: Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced (CVE-2026-1561, CVE-2025-14923, CVE-2025-14917, CVE-2026-29063, CVE-2025-14915).

Summary Multiple security vulnerabilities may affect IBM WebSphere Liberty that is shipped with IBM CICS TX Advanced CVE-2026-1561, CVE-2025-14923, CVE-2025-14917, CVE-2026-29063, CVE-2025-14915. IBM WebSphere Liberty has been updated within IBM CICS TX Advanced to address these vulnerabilities...

SUSE CVE-2026-43253

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move waitonsem out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under stressed environment, as waitonsem busy-waits under the spinlock with interrupts disabled. Move the...

PT-2026-38626

Name of the Vulnerable Software and Affected Versions rust-openssl versions 0.10.0 through 0.10.78 Description Incorrect output buffer sizing occurs when using AES key-wrap-with-padding ciphers EVP aes 128,192,256 wrap pad. For inputs that are not a multiple of 8, OpenSSL may write up to 7 bytes...

EUVD-2026-27753

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...