SUSE CVE-2026-45977

In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...

CVE-2026-45926

A flaw was found in the Linux kernel. When initializing a Pulse Width Modulation PWM chip, a memory leak can occur if the pwmchipalloc function fails. This happens because the allocated pwmchip's initial reference is not properly released, leading to unmanaged memory consumption. This vulnerabili...

CVE-2026-45936

A flaw was found in the Linux kernel's goldfish power supply driver. A race condition during driver removal or initialization can lead to a use-after-free vulnerability. This allows an interrupt to access a freed or uninitialized power supply handle, which can cause the system to crash, resulting...

CVE-2026-45939

A flaw was found in the Linux kernel's gpib module. Improper error handling within the niusbinit function can lead to a memory leak. This occurs when the niusbsetupinit function fails to initialize, causing an allocated buffer to not be freed. Over time, this could result in reduced system...

Electerm 安全漏洞

Electerm is a SSH/SFTP client developed by ZXDong262 of China, based on Electron. Versions of Electerm prior to 3.9.5 contained security vulnerabilities. These vulnerabilities stemmed from the use of a fixed-zero IV, a constant KDF salt, and no MAC generation in the deterministic AES-192-CBC...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of RCU in the mlx4srqevent function within RDMA mlx4. This vulnerability may le...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in the createspaceinfo function in btrfs. This error leads to a double release of spaceinfo...

PT-2026-44257

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A NULL dereference occurs in the Linux kernel when the cros typec register thunderbolt function fails to initialize the adata-lock mutex. This issue manifests when the uninitialized mutex i...

PT-2026-44262

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the SMB client, the build sec desc function uses a buffer allocated with kmalloc, which does not zero-initialize the memory. Due to a change in the struct smb acl where the num aces...

PT-2026-44304

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A misuse of Read-Copy Update RCU, a synchronization mechanism that allows multiple readers to access data while a writer modifies it, occurs in the mlx4 srq event function. The mlx4 srq...

PT-2026-44299

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An error path fall-through exists in the mlx5 ib dev res srq init function. When the function allocates two Send Receive Queues SRQs, s0 and s1, a failure in ib create srq for s1 causes...

CVE-2026-45947

A flaw was found in the Linux kernel's AMD GPU display drm/amdgpu component. This vulnerability involves a memory leak within the amdgpuacpienumeratexcc function. When certain errors occur during the initialization process, the system fails to properly release allocated memory. This oversight can...

CVE-2026-9739

CVE-2026-9739 describes a DNS rebinding vulnerability due to a hardcoded Access-Control-Allow-Origin: * in the SSE initialization handler, despite earlier attempts to align with MCP security guidelines using allowed-origins and allowed-hosts. The issue specifically affects users connecting via To...

CVE-2026-46028

A flaw was found in the Linux kernel's algifaead Authenticated Encryption with Associated Data subsystem. Asynchronous async requests for AEAD operations use a shared initialization vector IV buffer. This shared state can be modified by subsequent socket activity before an async request fully...

CVE-2026-46060

A flaw was found in the Linux kernel's crypto: qat driver. This vulnerability occurs when the driver fails during device initialization, leading to Interrupt Request IRQ handlers not being properly detached before their associated resources are released. This improper cleanup can result in resour...

EUVD-2026-32261

In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...

EUVD-2026-32260

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpurasinit When amdgpunbiorasswinit fails in amdgpurasinit, the function returns directly without freeing the allocated con structure, leading to a memory leak. Fix this by jumping to the...

EUVD-2026-32245

In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...

EUVD-2026-32231

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix memory leak in amdgpuacpienumeratexcc In amdgpuacpienumeratexcc, if amdgpuacpidevinit returns -ENOMEM, the function returns directly without releasing the allocated xccinfo, resulting in a memory leak. Fix this by...

EUVD-2026-32214

In the Linux kernel, the following vulnerability has been resolved: net: mctp: ensure our nlmsg responses are initialised Syed Faraz Abrar @farazsth98 from Zellic, and Pumpkin @u1f383 from DEVCORE Research Team working with Trend Micro Zero Day Initiative report that a RTMGETNEIGH will return...