CVE-2026-46262

A flaw was found in the Linux kernel's audio subsystem, specifically in the fslxcvr module. This vulnerability allows a local user to trigger a deadlock condition within the system. By attempting to acquire a read lock while already holding a write lock in the same process, the system can become...

EUVD-2026-34124

In the Linux kernel, the following vulnerability has been resolved: ASoC: fslxcvr: Revert fix missing lock in fslxcvrmodeput This reverts commit f51424872760 "ASoC: fslxcvr: fix missing lock in fslxcvrmodeput". The original patch attempted to acquire the card-controlsrwsem lock in fslxcvrmodeput...

CVE-2026-46248

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

CVE-2025-71314

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

samba: Samba: Remote Code Execution in printing subsystem via unescaped job description

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by...

Important: Red Hat Security Advisory: samba security update

An update for samba is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Oracle Linux 8 : kernel (ELSA-2026-21706)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21706 advisory. - smb: client: validate the whole DACL before rewriting it in cifsacl Paulo Alcantara RHEL-172815 CVE-2026-31709 - netfilter: xttcpmss: check remainin...

ALSA-2026:22963 Critical: samba security update

Samba is an open-source implementation of the Server Message Block SMB protocol and the related Common Internet File System CIFS protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fixes: samba: Missing access check on reparse point operations...

AlmaLinux 8 : samba (ALSA-2026:22644)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:22644 advisory. samba: group policy certificate enrollment uses without validation CVE-2026-3012 samba: Samba: Remote Code Execution in printing subsystem via unescaped...

USN-8370-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker...

SUSE CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

Samba Unauthenticated Remote Code Execution

The printing subsystem of Samba suffers from an unauthenticated remote code execution vulnerability. Samba 4.22.10, 4.23.8 and 4.24.3 have been issued as security releases to correct the defect...

Linux Distros Unpatched Vulnerability : CVE-2026-46179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ASoC: SOF: Don't allow pointer operations on unconfigured streams When reporting the pointer for a compressed stream we report the current I/O frame position by...

DEBIAN-CVE-2026-9895

Out of bounds read in GPU in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-9936

Use after free in GFX in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...

CVE-2026-46140

A flaw was found in the Linux kernel's Bluetooth subsystem, specifically within the btmtk driver. A remote attacker could exploit this vulnerability by sending a specially crafted Wireless Management Terminal WMT event response. The system processes these responses without properly validating the...

CVE-2026-46144

A flaw was found in the Linux kernel's Remote Direct Memory Access RDMA subsystem, specifically within the mana driver. During an error unwind in the manaibcreateqprss function, a resource leak occurs where manaibcfgvportsteering is not properly cleaned up. This vulnerability could lead to resour...

CVE-2026-46115

A flaw was found in the Linux kernel's block subsystem. The biovecphysmergeable function, which combines physically contiguous memory segments, lacked a check to ensure these segments belonged to the same device page map devpagemap. This omission could result in the incorrect identification of th...

CVE-2026-46138

A flaw was found in the Linux kernel's Bluetooth subsystem, specifically within the hcilecreatebigcompleteevt function. A remote attacker, by sending a specially crafted LECreateBIGComplete event from a malicious Bluetooth controller, could trigger an out-of-bounds read and an infinite loop. This...

CVE-2026-46125

A flaw was found in the Linux kernel's mac80211 Wi-Fi subsystem. When Multi-Link Operation MLO connection preparation fails, the system may not correctly remove the associated station. This can lead to a use-after-free or double-free vulnerability in the debugfs component, potentially causing...