SUSE-SU-2026:1606-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. - CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. - CVE-2026-23243: RDMA/umad: Reject...

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

PT-2026-34914

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/mediatek component where driver data is not stored before the mipi dsi host register function is invoked. This causes the mtk dsi bind function to attempt to...

PT-2026-35008

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free and refcount underflow can occur in the drm/i915/gt component. This happens when the heartbeat worker and the intel engine park heartbeat function race to release the sa...

EUVD-2026-25253

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

DEBIAN-CVE-2026-6921

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6921

Race in GPU in Google Chrome on Windows prior to 147.0.7727.117 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

CVE-2026-6921

CVE-2026-6921 describes a race condition in the GPU component of Google Chrome on Windows, prior to version 147.0.7727.117, that could allow a remote attacker to potentially escape the browser sandbox via a crafted video file. The vulnerability is exposed via a network vector and requires user in...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-6920

Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

giflib: giflib: Denial of Service via buffer overflow in EGifGCBToExtension

A flaw was found in giflib. A remote attacker can exploit a buffer overflow vulnerability in the EGifGCBToExtension function by providing a specially crafted Graphics Control Extension GCE block. This allows overwriting an existing GCE block without proper size validation, leading to a denial of...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2025-68818: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"...

OPENSUSE-SU-2026:20621-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 140.10.0 ESR. - MFSA 2026-32 bsc1262230: CVE-2026-6746: Use-after-free in the DOM: Core & HTML component CVE-2026-6747: Use-after-free in the WebRTC component CVE-2026-6748: Uninitialized memory ...

CGA-V285-CXC2-M645

Bulletin has no description...

CVE-2026-21733

Vulnerability in Imagination Technologies Graphics DDK on Linux, Android -- RESERVED...

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...