7030 matches found
CVE-2026-52962
A flaw was found in the Linux kernel, specifically within the Ceph file system's extended attribute handling. A buffer leak occurs in the cephsetxattr function because a previously allocated buffer oldblob is not properly released. This can lead to resource exhaustion over time, potentially causi...
CVE-2026-53218
A flaw was found in the Linux kernel's netfilter component. This vulnerability occurs in the nftexthdr module when handling user-controlled data lengths with a specific flag, NFTEXTHDRFPRESENT, enabled. An attacker could exploit this by providing a crafted input, leading to the exposure of...
ROS-20260626-73-0011
The vulnerability of Mozilla Firefox, Firefox ESR, and the email client Thunderbird relates to reading data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
CVE-2026-49943
A flaw was found in the BIRD Internet Routing Daemon. An established BGP Border Gateway Protocol peer can send a specially crafted BGP UPDATE message containing an unusually long ASPATH Autonomous System Path attribute. When a BIRD filter evaluates an AS path mask expression, this can lead to a...
CVE-2026-53041
A flaw was found in the Linux kernel's Oracle Cluster File System version 2 OCFS2. When an OCFS2 inode has both inline and and block-based extended attributes xattrs, the listxattr function can return a size larger than the caller's buffer. This incorrect size handling can lead to a kernel bug an...
Moderate: Red Hat Security Advisory: libxslt security update
An update for libxslt is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
firefox: thunderbird: Memory safety bug fixed in Thunderbird ESR 140.12
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bug fixed in Thunderbird ESR 140.12...
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
CVE-2026-52690
Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...
Important: Red Hat Security Advisory: perl-IO-Compress security update
An update for perl-IO-Compress is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
UBUNTU-CVE-2026-53215
In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...
EUVD-2026-39242
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix the ACK parser to extract the SACK table for parsing Fix modification of the received skbuff in rxrpcinputsoftacks and a potential incorrect access of the buffer in a fragmented UDP packet the packet would probably hav...
ROS-20260625-73-0019
The vulnerability of the DOM component in Firefox web browsers, Firefox ESR, and the Thunderbird email client is related to the use of memory after it is released. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protecte...
Linux Distros Unpatched Vulnerability : CVE-2026-53041
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block- based xattrs, listxattr can return a size larger than the...
PT-2026-52247
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ACK parser of the rxrpc module. In the rxrpc input soft acks function, the AF RXRPC component incorrectly assumes that calling skb condense will always result in a...
EUVD-2026-38827
In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...
CVE-2026-53041
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...
CVE-2026-52959
In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request SVMVMGEXITEXTGUESTREQUEST, getextreport allocates a buffer to retrieve a certificate blob from the host, keeping track ...
CVE-2026-53045
CVE-2026-53045 concerns the Linux kernel memory subsystem, specifically the tegra124-emc component. The issue is that the check to determine whether DLL (Delay-Locked Loop) is enabled in the EMRS register was reversed: DLL is actually enabled when bit A0 is low. A fix to the check was applied in ...
CVE-2026-52962 ceph: fix a buffer leak in __ceph_setxattr()
In the Linux kernel, the following vulnerability has been resolved: ceph: fix a buffer leak in cephsetxattr The oldblob in cephsetxattr can store ci-ixattrs.preallocblob value during the retry. However, it is never called the cephbufferput for the oldblob object. This patch fixes the issue of the...