2888 matches found
CVE-2026-46073 hwmon: (powerz) Fix missing usb_kill_urb() on signal interrupt
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...
CVE-2026-46073
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...
CVE-2026-46073
CVE-2026-46073 is a Linux kernel issue in hwmon: powerz where wait_for_completion_interruptible_timeout() could return -ERESTARTSYS on signal interrupt and skip usb_kill_urb(), leading to reads from an unfilled transfer buffer. Public documents confirm a patch that: 1) captures the function retur...
EUVD-2026-32455
In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...
CVE-2026-46065 fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info
In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of initializing deferred I/O and remove it only after the final mapping...
CVE-2026-46065
CVE-2026-46065 affects the Linux kernel framebuffer (fbdev) defio mechanism. The issue arises from disconnecting deferred I/O from the lifetime of struct fb_info, by holding state in struct fb_deferred_io_state and freeing the instance only after the final mapping closes. If fb_info/defio are fre...
Linux Distros Unpatched Vulnerability : CVE-2026-46065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of the usbkillurb call during signal interrupts in the hwmon powerz module. This...
PT-2026-43940
Content removed...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the possibility of deadlock occurring when the shadow stack signals hold a mmap read lock during signal...
CVE-2026-46073
hwmon: powerz Fix missing usbkillurb on signal interrupt...
Identifying People Using Wi-Fi Routers
Not identifying people based on their use of Wi-Fi routers, but identifying people using Wi-Fi signals. This is accomplished through what is known as WiFi sensing, or the use of WiFi signals to infer information about a physical environment. When radio signals like WiFi travel through a space, th...
The Alert Firehose Finally Meets Its Match
Ask a cybersecurity pro about Network Detection and Response NDR and you might still hear "Noisy," "Too much data." But ask the teams running NDR that includes agentic AI capabilities and you'll hear they're actually using it to catch threats earlier, triage faster, and chase fewer false positive...
Edimax EW-7438RPn 命令注入漏洞
The Edimax EW-7438RPn is a wireless signal extender produced by Edimax of Taiwan, China. The Edimax EW-7438RPn version 1.28a has a command injection vulnerability. This vulnerability stems from improper handling of parameters such as...
ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories
This week starts small. A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are using the parts we already trust. That is what makes it worrying. The...
CVE-2026-5947
Undefined behavior may result due to a race condition leading to a use-after-free violation. If BIND receives an incoming DNS message signed with SIG0, it begins work to validate that signature. If, during that validation, the "recursive-clients" limit is reached as would occur during a query...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: smb: Client: Fixed a potential Use-after-Allocation error in cifssignalcifsdforreconnect. Skipped sessions that are being terminated status == SESEXITING to avoid UAF errors...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: seccomp: Move copyseccomp to the no-failure path. Our syzbot instance reported memory leaks in doseccomp, similar to the reports 1. This indicates that we are failing to properly free the struct seccompfilter and some objects...
CVE-2026-41893
Signal K Server is a server application that runs on a central hub in a boat. Prior to version 2.25.0, the HTTP login endpoints POST /login and POST /signalk/v1/auth/login are protected by express-rate-limit default: 100 attempts per 10-minute window, configurable via HTTPRATELIMITS. The WebSocke...
Oracle Linux 9 : freerdp (ELSA-2026-16482)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-16482 advisory. - Fix double free in xfrailwindowcommon cleanup CVE-2026-26986 - Fix growth of preallocated buffers CVE-2026-27951 - Fix heap-buffer-overflow in...