1305 matches found
kernel: KVM: arm64: vgic-its: Drop the translation cache reference only for the erased entry
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for ARM64, specifically within the vgic-its component. This vulnerability occurs when multiple concurrent operations incorrectly drop the translation cache's reference to an entry more than once during cache invalidation. Thi...
UBUNTU-CVE-2026-53354
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
CVE-2026-53354
A flaw was found in the Linux kernel, affecting systems running on certain Arm processors. This vulnerability involves an issue with how the system handles Translation Lookaside Buffer Invalidation TLBI operations. Specifically, a sequence of operations intended to invalidate memory translations...
CVE-2026-53354 arm64: errata: Mitigate TLBI errata on various Arm CPUs
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
CVE-2026-53354
In the Linux kernel, the following vulnerability has been resolved: arm64: errata: Mitigate TLBI errata on various Arm CPUs A number of CPUs developed by Arm suffer from errata whereby a broadcast TLBI;DSB sequence may complete before the global observation of writes which are translated by an...
CVE-2026-53904
MCO is vulnerable to Account Denial of Service due to improper implementation of password reset functionality. Each password reset request invalidates previously set password as well as previously issued temporary passwords, furthermore, password resets are not limited in any way. An attacker who...
PT-2026-54822
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Certain Arm CPUs experience an issue where a broadcast TLBI;DSB sequence may complete before memory writes translated by an affected TLB entry are globally observed. This affects the...
CVE-2025-36359
CVE-2025-36359 affects IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2. The root cause is that session IDs are not invalidated after expiration, enabling an authenticated user to impersonate another user on the system. The IBM security bulletin confirms a CVSS v3.1 base score of 8.1 (HIGH) ...
EUVD-2025-210374
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system...
CVE-2025-36359 IBM DevOps Loop is susceptible to an Insufficient Session Expiration vulnerability.
IBM DevOps Automation 1.0.1 and IBM DevOps Loop 1.0.2 does not invalidate session IDs after expiration which could allow an authenticated user to impersonate another user on the system...
CVE-2026-53265
In the Linux kernel, the following vulnerability has been resolved: dm cache policy smq: check allocation under invalidate lock commit 2d1f7b65f5de "dm cache policy smq: fix missing locks in invalidating cache blocks" added mq-lock around the destructive part of smqinvalidatemapping, but left the...
CVE-2026-53122
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
PYSEC-2026-269 Apache Airflow: JWT token still valid after logout
When user logged out, the JWT token the user had authtenticated with was not invalidated, which could lead to reuse of that token in case it was intercepted. In Airflow 3.2 we implemented the mechanism that implements token invalidation at logout. Users who are concerned about the logout scenario...
CVE-2026-53312
A flaw was found in the Linux kernel's IOMMU Input/Output Memory Management Unit component for RISC-V architectures. An integer overflow in the invalidation path can lead to an infinite loop. This vulnerability could allow a local attacker to cause a Denial of Service DoS by triggering the overfl...
SUSE CVE-2026-53312
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
Linux Distros Unpatched Vulnerability : CVE-2026-53201
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert drm/xe: Skip exec queue schedule toggle if queue is idle during suspend This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip...
DEBIAN-CVE-2026-53312
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
CVE-2026-53312
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
UBUNTU-CVE-2026-53312
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...
EUVD-2026-39847
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather-end of ULONGMAX, but if this happens it will infinite loop because of the overflow. Also avoid...