245 matches found
SUSE CVE-2026-53292
In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...
DEBIAN-CVE-2026-53292
In the Linux kernel, the following vulnerability has been resolved: net: phonet: do not BUGON in pnsocketautobind on failed bind syzbot reported a kernel BUG triggered from pnsocketsendmsg via pnsocketautobind: kernel BUG at net/phonet/socket.c:213! RIP: 0010:pnsocketautobind...
PT-2026-52931
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the phonet network component where the pn socket autobind function incorrectly handles a failed bind operation. When pn socket bind returns an -EINVAL error, the syste...
CVE-2026-53169
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1 placeholder fires unconditionally whenever userspace submits this command via...
UBUNTU-CVE-2026-53173
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...
UBUNTU-CVE-2026-53169
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1 placeholder fires unconditionally whenever userspace submits this command via...
EUVD-2026-39264
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...
EUVD-2026-39260
In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1 placeholder fires unconditionally whenever userspace submits this command via...
CVE-2026-53169
In the Linux kernel, accel/ethosu has been fixed to reject NPU_OP_RESIZE commands from userspace. The driver previously used an unconditional WARN_ON(1) in DRM_IOCTL_ETHOSU_GEM_CREATE, enabling kernel log spam and, if panic_on_warn was set, potential DoS via a local unprivileged user. The patch r...
EUVD-2026-39259
In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...
CVE-2026-53168
The CVE-2026-53168 issue affects the Linux kernel FUSE implementation. It concerns fuse_notify() pagecache operations on directories, where FUSE_NOTIFY_STORE/RETRIEVE could allow the FUSE daemon to access pagecache contents in kernel-internal storage for directories using FOPEN_CACHE_DIR. The fix...
PT-2026-52269
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An out-of-bounds write exists in the heap memory of the Linux kernel within the ethosu gem cmdstream copy and validate function. The issue occurs during the command stream parsing loop...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: This issue prevents infinite loops that occur when the next valid value is the same. When processing the valid field within the range valid : pos, if the valid value cannot be correctly retrieved—for example, if the...
Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: ublk: The SQE128 flag is validated before accessing the cmd field. The ublkctrlcmddump function accesses the sqe-cmd field before checking the IOURINGFSQE128 flag. This could lead to out-of-boundary memory access. The flag...
Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fixed potential overflow of PCM transfer buffer The PCM stream data in the USB-audio driver is transferred via USB URB packet buffers, and the size of each packet is determined dynamically. The packet sizes are...
PT-2026-51968
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the bpf prog test run skb function where the system may access ip hdrskb or ipv6 hdrskb even if the provided test input contains only an Ethernet header. This occurs...
CVE-2026-47131
A flaw was found in vm2, an open-source virtual machine VM sandbox for Node.js. A remote attacker can exploit this vulnerability by combining specific Buffer function calls and Node.js's ERRINVALIDARGTYPE error. This allows the attacker to obtain the host's TypeError constructor, leading to an...
PT-2026-47757
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the tap get user xdp function. When a frame is shorter than ETH HLEN, the function returns -EINVAL; similarly, it returns -ENOMEM if build skb fails. In both...
CVE-2026-46314
In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Reject empty multisync extension to prevent infinite loop v3dgetextensions walks a userspace-provided singly-linked list of ioctl extensions without any bound on the chain length. A local user can craft a self-referentia...
CVE-2026-46284
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix early boot crash on parameters without '=' separator If hugepages, hugepagesz, or defaulthugepagesz are specified on the kernel command line without the '=' separator, early parameter parsing passes NULL to...