CVE-2026-46262

A flaw was found in the Linux kernel's audio subsystem, specifically in the fslxcvr module. This vulnerability allows a local user to trigger a deadlock condition within the system. By attempting to acquire a read lock while already holding a write lock in the same process, the system can become...

CVE-2026-46256

A flaw was found in the Linux kernel, specifically within the NFS Network File System LOCALIO optimization. This vulnerability allows for a recursion deadlock to occur during direct reclaim operations. When LOCALIO attempts to write pages back into NFS via nfswritepages, it can lead to a system...

CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

CVE-2026-46256

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

EUVD-2026-34124

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

CVE-2026-46262 ASoC: fsl_xcvr: Revert fix missing lock in fsl_xcvr_mode_put()

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

CVE-2026-46262

CVE-2026-46262 concerns the Linux kernel ASoC driver for the Freescale XCVR (fsl_xcvr). The issue arises from a revert of a prior patch in fsl_xcvr_mode_put(), which previously attempted to acquire card->controls_rwsem while the ALSA core already holds the write lock for the entire put operati...

CVE-2026-46256

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfswritepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

PT-2026-46025

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl xcvr: Revert fix missing lock in fsl xcvr mode put This reverts commit f51424872760 "ASoC: fsl xcvr: fix missing lock in fsl xcvr mode put". The original patch attempted to acquire the card-controls rwsem lock in fsl xc...

PT-2026-46019

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: prevent direct reclaim recursion into NFS via nfs writepages LOCALIO is an NFS loopback mount optimization that avoids using the network for READ, WRITE and COMMIT if the NFS client and server are determined to be on...

CVE-2026-44579

A flaw was found in Next.js. Applications utilizing Partial Prerendering via the Cache Components feature are susceptible to connection exhaustion. A remote attacker can send crafted POST requests to a server action, triggering a request-body handling deadlock. This leaves connections open,...

crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages

A flaw was found in the crypto/tls package within the Go golang standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock,...

SUSE CVE-2026-46165

In the Linux kernel, the following vulnerability has been resolved: openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace period. So, either in an RCU call or after the synchronizenet. The...

SUSE CVE-2026-46223

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

SUSE SLES16 Security Update : libarchive (SUSE-SU-2026:21831-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21831-1 advisory. This update for libarchive fixes the following issues - CVE-2026-4111: logical deadlock the RAR5 filter subsystem and the...

Linux Distros Unpatched Vulnerability : CVE-2026-46165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: vport: fix self-deadlock on release of tunnel ports vports are used concurrently and protected by RCU, so netdevput must happen after the RCU grace...

Linux Distros Unpatched Vulnerability : CVE-2026-45907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned Fixes...

CVE-2025-71309

A flaw was found in the Linux kernel's ntfs3 filesystem driver. An issue with incorrect lock ordering between the inode mutex and page locks during compressed frame reading can lead to a deadlock. This vulnerability allows a local attacker to cause a system to hang, resulting in a Denial of Servi...

CVE-2026-46165

A flaw was found in the Linux kernel's openvswitch vport component. This vulnerability arises during the release of tunnel ports, where a self-deadlock can occur. This prevents the vport from being properly freed and its references released, leading to a system deadlock during device removal. Suc...