CVE-2026-43371

In the Linux kernel, the following vulnerability has been resolved: net: macb: Shuffle the tx ring before enabling tx Quanyang observed that when using an NFS rootfs on an AMD ZynqMp board, the rootfs may take an extended time to recover after a suspend. Upon investigation, it was determined that...

CVE-2026-43365 xfs: fix undersized l_iclog_roundoff values

In the Linux kernel, the following vulnerability has been resolved: xfs: fix undersized liclogroundoff values If the superblock doesn't list a log stripe unit, we set the incore log roundoff value to 512. This leads to corrupt logs and unmountable filesystems in generic/617 on a disk with 4k...

CVE-2026-43365

The CVE-2026-43365 issue affects the Linux kernel XFS filesystem: if the superblock does not specify a log stripe unit, the in-core log roundoff may be set to 512 instead of 4096, leading to log corruption and potentially unmountable filesystems. Authors in connected reports describe the impact o...

CVE-2026-43299

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not ASSERT when the fs flips RO inside btrfsrepairiofailure BUG There is a bug report that when btrfs hits ENOSPC error in a critical path, btrfs flips RO this part is expected, although the ENOSPC bug still needs to be...

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

UBUNTU-CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

CVE-2026-43350

In the Linux kernel, a vulnerability in the SMB client path can allow a malicious server to exploit an ACE with sid_unix_NFS_mode by providing an ACE with only two subauthorities. parse_dacl() would treat this as an NFS mode SID and read sub_auth[2], potentially reading four bytes past the end of...

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

CVE-2026-43350 smb: client: require a full NFS mode SID before reading mode bits

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

CVE-2026-43350

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parsedacl treats an ACE SID matching sidunixNFSmode as an NFS mode SID and reads sid.subauth2 to recover the mode bits. That assumes the ACE carries three...

CVE-2026-43349

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fssanitychecknodefooter syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fssanitychecknodefooter+0x374/0xa20 fs/f2fs/node.c:1520 f2fssanitychecknodefooter+0x374/0xa20...

Malicious code in solana-py-sdk (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 410be1fb5add67052173f65435e5dcc6c97d9eda056afa09c612e1afe242be47 The code automatically scans the filesystem looking for BIP-39 seed phrases and data indicating private keys, and exfiltrates them --- Category: MALICIOUS - Th...

SUSE CVE-2026-43166

In the Linux kernel, the following vulnerability has been resolved: erofs: fix interlaced plain identification for encoded extents Only plain data whose start position and on-disk physical length are both aligned to the block size should be classified as interlaced plain extents. Otherwise, it mu...

PT-2026-38950

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Btrfs filesystem where the run one delayed ref function triggers a BUG panic when encountering an unexpected delayed reference type. This can lead to a system cras...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the btrfs file system. This vulnerability arises when the ASSERT function in the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the f2fssanitychecknodefooter function in the f2fs file system. This function accesses...

PraisonAI 路径遍历漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 4.6.37 contained a path traversal vulnerability. This vulnerability stemmed from the safeextractall helper function not verifying the linkname of members and not rejecting...

PT-2026-38993

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the USB gadget RNDIS driver where class, subclass, and protocol options can be accessed concurrently through configfs. This issue was discovered during code...

Forensic Analysis of Video Data Deletion and Recovery in Honeywell Surveillance File System

Real-time video surveillance systems store recorded video using digital video recorders DVRs and network video recorders NVRs. To support continuous high-volume video storage, these devices employ specialized, nonstandard file systems that are often proprietary and undocumented. This lack of...

PT-2026-39135

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An uninitialized value bug exists where flags valid is not initialized before the vfs fileattr get function is called. This issue occurs because the fa variable is not handled with the...