CVE-2026-43203

In the Linux kernel, the following vulnerability has been resolved: atm: fore200e: fix use-after-free in tasklets during device removal When the PCA-200E or SBA-200E adapter is being detached, the fore200e is deallocated. However, the txtasklet or rxtasklet may still be running or pending, leadin...

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

CVE-2026-43191

CVE-2026-43191 concerns the Linux kernel DRM/AMD display path, specifically the PHY FSM transition from TX_EN to PLL_ON for TMDS on DCN35. The issue stems from a backport from DCN401 intended to fix turning off the PHY PLL during TMDS disable, which could cause OTG to hang and affect DCHVM invali...

CVE-2026-43191

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TXEN-to-PLLON for TMDS on DCN35 Why A backport of the change made for DCN401 that addresses an issue where we turn off the PHY PLL when disabling TMDS output, which causes the OTG to...

CVE-2026-43133

Summary: CVE-2026-43133 affects Linux kernel KVM’s nested virtualization (nSVM). When an L2 guest executes VMSAVE/VMLOAD and is not intercepted by L1, KVM may incorrectly use vmcb02 instead of vmcb01 for guest state handling due to an oversight in VMLOAD/VMSAVE emulation after a patch. The root c...

CVE-2026-43133

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation Commit cc3ed80ae69f "KVM: nSVM: always use vmcb01 to for vmsave/vmload of guest state" made KVM always use vmcb01 for the fields controlled by VMSAVE/VMLOAD, but it missed...

CVE-2026-6420

A flaw was found in Keylime. An attacker with root access on an enrolled monitored machine, where the Keylime agent runs, can exploit a vulnerability in the Keylime verifier. The verifier uses a hardcoded challenge nonce for Trusted Platform Module TPM quote attestation instead of a...

kernel: Linux kernel KVM: Privilege escalation or denial of service due to improper shadow page table entry handling

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A local attacker with privileges on the host system could exploit a vulnerability in how KVM handles shadow page table entries SPTEs during memory-mapped I/O MMIO operations. By manipulating guest page table entrie...

CVE-2026-43096 mshv: Fix infinite fault loop on permission-denied GPA intercepts

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, mshvhandlegpaintercept attempts to remap pages for all faults...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the KVM x86 architecture’s failure to handle the -EBUSY error when checking nested events,...

RHCOS 4 : OpenShift Container Platform 4.4.13 machine-config-daemon and openshift (RHSA-2020:2927)

The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2927 advisory. - kubernetes: node localhost services reachable via martian packets CVE-2020-8558 - proglottis/gpgme: Use-after-free in GPGME bindin...

RHEL 9 : kernel-rt (RHSA-2026:14137)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:14137 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Joern 4.0.534

Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the atomicization of the PHY FSM conversion in the DRM and display mechanisms. This vulnerability...

Linux Distros Unpatched Vulnerability : CVE-2026-43201

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an incomplete one, the current logic...

Linux Distros Unpatched Vulnerability : CVE-2026-43094

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ixgbevf: add missing negotiatefeatures op to Hyper-V ops table Commit a7075f501bd3 ixgbevf: fix mailbox API compatibility by negotiating supported features adde...

PT-2026-37531

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/amd/display component where disabling TMDS output turns off the PHY PLL Phase-Locked Loop, causing the OTG Output Timing Generator to remain stuck. This state...

Black_Box-Penetration-Testing

BlackBox-Penetration-Testing Black-box penetration test again...

GHSA-V37H-5MFM-C47C VM2 Has Sandbox Breakout Through Inspect Function

Summary VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. Details The node inspect method allows to log details of objects. To get to the...

NPM: VM2 Has Sandbox Breakout Through Promise Species

NPM: VM2 Has Sandbox Breakout Through Promise Species vulnerability discovered by ? in WordPress Npm vm2 versions = 3.10.3...