22653 matches found
EUVD-2026-45739
In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis16550: fix stack leak in trigger handler adis16550triggerhandler declares the scan data array on the stack without initializing it. The memcpy at the bottom fills only the first 28 bytes TEMP + 6 channels of...
CVE-2026-64154
In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix a reference leak in a6xxgpuinit In a6xxgpuinit, node is obtained via ofparsephandle. While there was a manual ofnodeput at the end of the common path, several early error returns would bypass this call,...
CVE-2026-63966
In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis16550: fix stack leak in trigger handler adis16550triggerhandler declares the scan data array on the stack without initializing it. The memcpy at the bottom fills only the first 28 bytes TEMP + 6 channels of...
CVE-2026-63965
In the Linux kernel, the following vulnerability has been resolved: iio: pressure: bmp280: fix stack leak in bmp580 trigger handler bmp580triggerhandler declares its scan buffer on the stack without an initializer and then memcpys 3 bytes of 24-bit sensor data into each 4-byte le32 field. The hig...
CVE-2026-64154 drm/msm/adreno: Fix a reference leak in a6xx_gpu_init()
In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix a reference leak in a6xxgpuinit In a6xxgpuinit, node is obtained via ofparsephandle. While there was a manual ofnodeput at the end of the common path, several early error returns would bypass this call,...
CVE-2026-64154
The CVE-2026-64154 entry concerns the Linux kernel DRM MSM Adreno driver (a6xx_gpu_init). The issue: a reference leak on the device_node obtained by of_parse_phandle() when early error returns bypass the corresponding of_node_put(). The fix uses a __free(device_node) cleanup handler to ensure the...
CVE-2026-64038 hwmon: (lm90) Stop work before releasing hwmon device
In the Linux kernel, the following vulnerability has been resolved: hwmon: lm90 Stop work before releasing hwmon device Sashiko reports: In lm90probe, the devm action to cancel the alertwork and reportwork lm90restoreconf is registered in lm90initclient before devmhwmondeviceregisterwithinfo is...
EUVD-2026-45611
In the Linux kernel, the following vulnerability has been resolved: hwmon: lm90 Stop work before releasing hwmon device Sashiko reports: In lm90probe, the devm action to cancel the alertwork and reportwork lm90restoreconf is registered in lm90initclient before devmhwmondeviceregisterwithinfo is...
CVE-2026-64013 ACPI: button: Fix ACPI GPE handler leak during removal
In the Linux kernel, the following vulnerability has been resolved: ACPI: button: Fix ACPI GPE handler leak during removal Commit a7e23ec17fee "ACPI: button: Install notifier for system events as well" changed the ACPI notify handler type for ACPI buttons to ACPIALLNOTIFY, but it forgot to update...
CVE-2026-64013
The CVE-2026-64013 issue affects the Linux kernel ACPI button handling. A change to the ACPI notify handler type to ACPI_ALL_NOTIFY in a commit (Install notifier for system events as well) was not reflected in acpi_button_remove(), causing the notify handler to leak after driver removal. The cons...
CVE-2026-63966 iio: imu: adis16550: fix stack leak in trigger handler
In the Linux kernel, the following vulnerability has been resolved: iio: imu: adis16550: fix stack leak in trigger handler adis16550triggerhandler declares the scan data array on the stack without initializing it. The memcpy at the bottom fills only the first 28 bytes TEMP + 6 channels of...
CVE-2026-63966
The CVE-2026-63966 issue affects the Linux kernel IIO imu driver for adis16550. The trigger handler allocates a scan data array on the stack but does not initialize it. A memcpy fills only the first 28 bytes (TEMP + 6 channels of GYRO/ACCEL), while a timestamp is written at offset 32, leaving byt...
CVE-2026-63948
The CVE affects the Linux kernel Bluetooth L2CAP stack, where l2cap_chan_timeout() leaks a l2cap_chan reference when chan->conn is NULL because the early return skips l2cap_chan_put() after __set_chan_timer() holds the reference via l2cap_chan_hold(). The fix adds the missing l2cap_chan_put() ...
CVE-2026-63888 scsi: target: iscsi: Fix CRC overread and double-free in iscsit_handle_text_cmd()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix CRC overread and double-free in iscsithandletextcmd Two latent bugs in the Text-phase handler, both present since the original LIO integration in commit e48354ce078c "iscsi-target: Add iSCSI fabric suppor...
CVE-2026-53379
The CVE affects the Linux kernel media/i2c ov8856 driver. In ov8856_init_controls(), the control handler is not freed if adding controls fails, leading to a resource leak on the error path. The fix adds an error exit label and converts the existing error return to use it, ensuring the control han...
EUVD-2026-45452
In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov8856: free control handler on error in ov8856initcontrols The control handler wasn't freed if adding controls failed, add an error exit label and convert the existing error return to use it...
CVE-2026-16213
A security flaw has been discovered in Fantomas42 django-blog-zinnia up to 0.20. Affected by this vulnerability is an unknown functionality of the file zinnia/views/mixins/entryprotection.py of the component Protected Entry Password Handler. The manipulation results in cleartext storage of...
CVE-2026-16215
A security flaw has been discovered in geex-arts django-jet up to 1.0.8. This impacts an unknown function of the component OAuth Credential Revoke Handler. Performing a manipulation results in missing authorization. The attack is possible to be carried out remotely. The exploit has been released ...
CVE-2026-16212
A vulnerability was identified in awesto django-shop up to 1.2.4. Affected is an unknown function of the file shop/models/inventory.py of the component Purchase Stock Handler. The manipulation leads to race condition. The attack is possible to be carried out remotely. The attack is considered to...
CVE-2026-16216
Geex-arts django-jet up to 1.0.8 contains a CSRF flaw in the OAuth Handler that can be exploited remotely. The vulnerability enables cross-site request forgery and is public, with no response from the project to the issue. The CVE reports a MEDIUM severity (CVSS 3.x/4.x family) and indicates no l...