105 matches found
CVE-2026-57268
GeoWebPlayer’s Websocket server exposes a saveVideo command where the provided index is not validated before it's used to access internal arrays and call a function pointer in CCriticalSection. This out-of-bounds access can reach the critical section and release path, potentially enabling code ex...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Wifi: ath11k – Fixing the gtk offload status event locking issue The ath11k active PDevs are protected by RCUs, but the code that handles the gtk offload status event and calls ath11kmacgetarvifbyvdevid was not marked as a...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fixed a race condition in qfqaggregate. A race condition can occur when qfqchangeagg is modified called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a NULL...
Astra Linux – Vulnerability in Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fixed corruption in user space r13. The commit cf13435b730a “powerpc/tm: Fixed corruption in user space r13” fixes a problem in treclaim, where a SLB miss can occur on threadstruct-ckpt regs, when SCRATCH0 is active a...
SUSE CVE-2026-46302
In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...
CVE-2026-46302
In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...
EUVD-2026-35167
In the Linux kernel, the following vulnerability has been resolved: selinux: allow multiple opens of /sys/fs/selinux/policy Currently there can only be a single open of /sys/fs/selinux/policy at any time. This allows any process to block any other process from reading the kernel policy. The...
PT-2026-47373
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.12-1.1 Description A flaw in the SELinux component allows only a single open of the '/sys/fs/selinux/policy' endpoint at any time. This...
PT-2026-36435
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the Bluetooth component. In the hci le remote conn param req evt function, the hci conn lookup and field access are not properly protected by the hde...
RUSTSEC-2026-0110 bare-metal is deprecated
The bare-metal crate has been deprecated and archived. For Mutex and CriticalSection, see the critical-section crate instead...
bare-metal is deprecated
The bare-metal crate has been deprecated and archived. For Mutex and CriticalSection, see the critical-section crate instead...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011119)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011119 advisory. In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was...
CVE-2026-23161 mm/shmem, swap: fix race of truncate and swap entry split
In the Linux kernel, the following vulnerability has been resolved: mm/shmem, swap: fix race of truncate and swap entry split The helper for shmem swap freeing is not handling the order of swap entries correctly. It uses xacmpxchgirq to erase the swap entry, but it gets the entry order before tha...
CVE-2022-50699
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
SUSE CVE-2022-50699
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
UBUNTU-CVE-2022-50699
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
CVE-2022-50699
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
CVE-2022-50699 selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
CVE-2022-50699 selinux: enable use of both GFP_KERNEL and GFP_ATOMIC in convert_context()
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
SUSE CVE-2025-68304
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcicore: lookup hciconn on RX path on protocol side The hdev lock/lookup/unlock/use pattern in the packet RX path doesn't ensure hciconn is not concurrently modified/deleted. This locking appears to be leftover from...