EUVD-2025-209804

A use of potentially dangerous function vulnerability in Fortinet FortiAnalyzer 7.6.0 through 7.6.4, FortiAnalyzer 7.4.0 through 7.4.8, FortiAnalyzer 7.2 all versions, FortiAnalyzer 7.0 all versions, FortiAnalyzer 6.4 all versions, FortiManager 7.6.0 through 7.6.4, FortiManager 7.4.0 through 7.4....

SUSE CVE-2026-43215

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later introduced srvlock, seslock and tclock to protect fields within the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from inconsistencies between the conditions for evaluating and unlocking dmub HW locks. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper acquisition and release of the reservation locks for GEM objects before and after vm...

This Week in Spring - May 5th, 2026

Hi, Spring fans! Welcome to another installment of This Week in Spring! It's May 5th, 2026, and I'm in Mainz, Germany, for the legendary JAX conference! It's been infinitely far too long since I've been at this amazing show, and I'm oh-so happy to be back here! Tonight, after my two talks here, I...

CVE-2026-31718

A flaw was found in ksmbd, the in-kernel SMB3 server for Linux. This vulnerability arises from an asymmetric cleanup process when a durable file handle survives a session disconnect. Specifically, byte-range locks are not properly cleared, leading to a 'use-after-free' error when the durable...

CVE-2026-31769 gpib: fix use-after-free in IO ioctl handlers

In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpibdescriptor pointer after board-biggpibmutex has been released. A concurrent IBCLOSEDEV ioctl can free the descriptor via...

CVE-2026-31756 usb: dwc2: gadget: Fix spin_lock/unlock mismatch in dwc2_hsotg_udc_stop()

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: gadget: Fix spinlock/unlock mismatch in dwc2hsotgudcstop dwc2gadgetexitclockgating internally calls callgadget macro, which expects hsotg-lock to be held since it does spinunlock/spinlock around the gadget driver...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between gether disconnect and ethstop in uether. This vulnerability may lead to...

CVE-2026-31526

A flaw was found in the Linux kernel's Berkeley Packet Filter BPF subsystem. When an exception occurs during the execution of a BPF subprogram, the system may fail to release user-acquired locks. This oversight can lead to resource leaks and system instability, potentially resulting in a Denial o...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper lock checking when subroutines exit abnormally, potentially leading to locks acquired by...

Linux kernel 安全漏洞

The Linux kernel is the core used by the open-source operating system Linux developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of mutual exclusion locks in the regulator operations within the pmbus core,...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007332)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007332 advisory. A flaw was found in the filelockinit in fs/locks.c function in the Linux kernel. This issue can lead to host memory exhaustion due to memcg not limiting the number o...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007308)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007308 advisory. In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Remove useless locks in usbtvvideofree Remove locks calls in usbtvvideofree because...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007426)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007426 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939sockslock to rwlock The following 3 locks would rac...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006590 advisory. In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtwjoinbsseventprehandle There is a deadlock in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006778)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006778 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: fix -anonvma race If an -anonvma is attached to the VMA, collapseandfreepmd...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from holding socket references before releasing locks. This vulnerability may lead to reusing locks...

CVE-2026-23311

A flaw was found in the Linux kernel's perf/core component. This vulnerability occurs due to an invalid wait context during event scheduling, specifically when a pinned event fails and attempts to wake up threads in the ring buffer. An attacker could potentially exploit this to cause system...

Schneider Electric EcoStruxure Foxboro DCS

GENERAL SECURITY RECOMMENDATIONS Schneider Electric strongly recommends the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business...