CLSA-2026-1778787063 kernel: Fix of 122 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - mptcp: always handle address removal under msk socket lock CVE-2025-21875 - uprobes: Reject the shared zeropage in uprobewriteopcode CVE-2025-21881 - net: hns3: make sure ptp clock is unregister and freed if hclgeptpgetcycle returns an...

DNSmasq 安全漏洞

DNSmasq is a DNS configuration tool developed by Simon Kelley. DNSmasq has a security vulnerability, which stems from a buffer overflow in the extractaddresses function. This vulnerability allows attackers to trigger heap-based out-of-bounds reads by exploiting malformed DNS responses, causing a...

SUSE CVE-2026-43463

In the Linux kernel, the following vulnerability has been resolved: rxrpc, afs: Fix missing error pointer check after rxrpckernellookuppeer rxrpckernellookuppeer can also return error pointers in addition to NULL, so just checking for NULL is not sufficient. Fix this by: 1 Changing...

ROS-20260320-73-0003

A vulnerability in the WebSocket protocol implementation of the libsoup library of the GNOME GUI is related to pointer dereferencing errors. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by sending a specially crafted POST request...

ROS-20260120-7305

A vulnerability in the tcp component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7330

A vulnerability in the vidtvbridge.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

📄 Microsoft Windows 11 Administrator Protection Bypass / Privilege Escalation

Microsoft Windows 11 suffers from an administrator protection bypass local privilege escalation vulnerability. Proof of concept Metasploit module included. =============================================================================================================================================...

ROS-20251006-01

A vulnerability in the certtool utility of the GnuTLS transport layer security library is related to an operation exceeding the buffer boundaries. operation outside of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

CVE-2023-53440 nilfs2: fix sysfs interface lifetime

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading to null pointer dereferences, use-after-free, and lockdep warnings...

ROS-20250804-03

Vulnerability of NCompress::NRar5::CDecoder method of RAR5 decoder of 7-Zip archiver is related to possibility of heap-based buffer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability of NArchive::NCom::CHandler::GetStream metho...

The vulnerability of Adobe Illustrator’s graphic editor, related to pointer naming errors, allows a hacker to trigger a service failure.

The vulnerability of Adobe Illustrator’s graphic editor is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to trigger a service failure using a specially created malicious file...

Vulnerability of the functions iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() in Linux kernel, allowing a hacker to cause a service failure

The vulnerability of the iwlmvmtxskbsta and iwlmvmtxmpdu functions in the Linux operating system is related to pointer dereferencing errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

SUSE-SU-2025:0063-1 Security update for gstreamer-plugins-good

This update for gstreamer-plugins-good fixes the following issues: - CVE-2024-47540: Fixed an uninitialized stack memory in Matroska/WebM demuxer. boo1234421 - CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. boo1234414 - CVE-2024-47543: Fixed an out-of-bounds write in...

The vulnerability of the soup_auth_digest_authenticate() function in the GNOME graphical interface library allows a hacker to cause a service failure.

The vulnerability of the soupauthdigestauthenticate function in the GNOME graphical interface library libsoup is related to pointer dereferencing errors. Exploiting this vulnerability could allow a remote attacker to cause a service failure by sending a specially crafted POST request...

The vulnerability of the wlan STA driver microprogramming software of MediaTek, which allows a hacker to cause a service failure.

The vulnerability of the wlan STA driver’s microprogramming software from MediaTek is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2025-18464 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the function dpu plane virtual atomic check in the Linux kernel, which was dereferencing pointers returned by drm atomic get plane state without checking for...

The vulnerability of the DRM/AMD/display components in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the DRM/amd/display components in the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the library for working with the DICOM format in DCMT, related to pointer assignment errors, allows a perpetrator to trigger a service failure.

The vulnerability of the library for working with the DICOM format in DCMT is related to pointer assignment errors. Exploiting this vulnerability could allow an attacker to cause service failures...

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to pointer assignment errors allows a perpetrator to trigger a service failure.

The vulnerability of the Teamcenter Visualization lifecycle management system and the Siemens Tecnomatix Plant Simulation software environment related to simulation modeling of systems and processes is linked to errors in the assignment of pointers during the processing of WRL files. Exploiting...

The vulnerability in the implementation of the LDAP service protocol for Windows operating systems allows a perpetrator to cause a service failure.

The vulnerability of the LDAP Lightweight Directory Access Protocol implementation in Windows operating systems is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to cause service failures...