CVE-2026-20826

CVE-2026-20826 describes a race-condition in the Tablet Windows User Interface (TWINUI) Subsystem. The initial entry asserts an information disclosure/elevation of privileges vector via concurrent access to a shared resource, enabling an authorized attacker to elevate privileges locally. Microsof...

CVE-2026-20826 Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

...

CVE-2025-71081

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

UBUNTU-CVE-2025-68811

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

UBUNTU-CVE-2025-68768

In the Linux kernel, the following vulnerability has been resolved: inet: frags: flush pending skbs in fqdirpreexit We have been seeing occasional deadlocks on pernetopsrwsem since September in NIPA. The stuck task was usually modprobe often loading a driver like ipvlan, trying to take the lock a...

Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

Exposure of sensitive information to an unauthorized actor in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to disclose information locally...

Tablet Windows User Interface (TWINUI) Subsystem Information Disclosure Vulnerability

Concurrent execution using shared resource with improper synchronization 'race condition' in Tablet Windows User Interface TWINUI Subsystem allows an authorized attacker to elevate privileges locally...

CVE-2025-71088

In the Linux kernel, the following vulnerability has been resolved: mptcp: fallback earlier on simult connection Syzkaller reports a simult-connect race leading to inconsistent fallback status: WARNING: CPU: 3 PID: 33 at net/mptcp/subflow.c:1515 subflowdataready+0x40b/0x7c0 net/mptcp/subflow.c:15...

CVE-2025-71081

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: sai: fix OF node leak on probe The reference taken to the sync provider OF node when probing the platform device is currently only dropped if the setsync callback fails during DAI probe. Make sure to drop the referen...

CVE-2025-71079

CVE-2025-71079 concerns a Linux kernel deadlock between nfc_unregister_device() and rfkill_fop_write() caused by lock-order inversion (device_lock vs rfkill_global_mutex). The fix moves rfkill_unregister() and rfkill_destroy() outside the device_lock section, storing the rfkill pointer in a local...

CVE-2025-71075 scsi: aic94xx: fix use-after-free in device removal path

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

CVE-2025-71075 scsi: aic94xx: fix use-after-free in device removal path

In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...

CVE-2025-71068

In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...

CVE-2025-68807 block: fix race between wbt_enable_default and IO submission

In the Linux kernel, the following vulnerability has been resolved: block: fix race between wbtenabledefault and IO submission When wbtenabledefault is moved out of queue freezing in elevatorchange, it can cause the wbt inflight counter to become negative -1, leading to hung tasks in the writebac...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211checkandendcac Callers of wdevchandef must hold the wiphy mutex. But the worker cfg80211propagatecacdonewk never takes the lock. Which triggers the warning below with the...

PT-2026-2720

Name of the Vulnerable Software and Affected Versions Windows Local Security Authority Subsystem Service LSASS affected versions not specified Description A flaw exists in the Windows Local Security Authority Subsystem Service LSASS that could allow an attacker to cause a denial of service over a...

PT-2026-2700

Name of the Vulnerable Software and Affected Versions Microsoft Windows affected versions not specified Description A use after free condition exists in the Windows Local Security Authority Subsystem Service LSASS. This allows an authorized attacker to execute code over a network. Remote attacker...

PT-2026-2676

Name of the Vulnerable Software and Affected Versions Tablet Windows User Interface TWINUI Subsystem affected versions not specified Description A flaw exists due to concurrent execution using a shared resource with improper synchronization, creating a race condition within the Tablet Windows Use...

PT-2026-2602

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the ASoC Audio System on Chip STM32 SAI Serial Audio Interface driver. Specifically, the vulnerability involves a potential OF Open Firmware...

PT-2026-2677

Name of the Vulnerable Software and Affected Versions Tablet Windows User Interface TWINUI Subsystem affected versions not specified Description The TWINUI Subsystem contains a flaw that could allow an attacker to disclose sensitive information locally. An authorized attacker can exploit this iss...