356 matches found
CVE-2026-31533
In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption The -EBUSY handling in tlsdoencryption, introduced by commit 859054147318 "net: tls: handle backlogging of crypto requests", has a use-after-free due to double...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013560)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013560 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010987)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010987 advisory. In the Linux kernel, the following vulnerability has been resolved: vfs: Don't leak disconnected dentries on umount When user calls openbyhandleat on some inode that...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-011161)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011161 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Propagate error from htablockbucket to userspace In htabmaplookupanddeletebatch if...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011221)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011221 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Handle EBUSY correctly As it is essiv only handles the special return value of...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006806)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006806 advisory. In the Linux kernel, the following vulnerability has been resolved: netrom: Fix data-races around sysctlnetbusyread We need to protect the reader reading the sysctl...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006787)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006787 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Reset queuepriorityhint on parking Originally, with strict in order execution, we...
CVE-2026-23339
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005731)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005731 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid scheduling in rtasosterm It's unsafe to use rtasbusydelay to handle a busy...
CVE-2026-2709
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
CVE-2026-2709
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
CVE-2026-2709 busy Callback app.js redirect
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
CVE-2026-2709 busy Callback app.js redirect
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
CVE-2026-2709 busy Callback app.js redirect
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
CVE-2026-2709
Summary: CVE-2026-2709 affects Busy bundled up to 2.5.5, in Callback Handler (source-code/busy-master/src/server/app.js). Manipulating the argument state can cause an open redirect; the attack is remote and an exploit has been published. The project was informed via issue report but has not respo...
PT-2026-20646
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
Busy 输入验证错误漏洞
Busy is a social networking system developed by Busy Open Source. Versions of Busy 2.5.5 and earlier contained a vulnerability related to input validation errors. This vulnerability stemmed from incorrect handling of the state parameter in the file source-code/busy-master/src/server/app.js, which...
CVE-2026-23117
In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...
PT-2026-8110
In the Linux kernel, the following vulnerability has been resolved: ice: add missing ice deinit hw in devlink reinit path devlink-reload results in ice init hw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: ice init hw failed: -16...
SUSE CVE-2026-23110
In the Linux kernel, the following vulnerability has been resolved: scsi: core: Wake up the error handler when final completions race against each other The fragile ordering between marking commands completed or failed so that the error handler only wakes when the last running command completes o...