Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock

...

SUSE CVE-2026-31500

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintelhwerror with hcireqsynclock btintelhwerror issues two hcicmdsync calls HCIOPRESET and Intel exception-info retrieval without holding hcireqsynclock. This lets it race against hcidevdoclose -...

CVE-2026-41179

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Starting in version 1.48.0 and prior to version 1.73.5, the RC endpoint operations/fsinfo is exposed without AuthRequired: true and accepts attacker-controlled fs input. Because rc.GetFs...

CVE-2026-34066

The CVE affects the nimiq-blockchain Rust implementation. Before v1.3.0, HistoryStore::put_historic_txns asserts invariants on HistoricTransaction.block_number (must be within the macro block and same epoch). During history sync, a peer can influence the history input to Blockchain::push_history_...

CVE-2026-31455

A flaw was found in the Linux kernel's XFS file system. During the unmount process, the system attempts to flush data while background cleanup and inode garbage collection inodegc operations are still active. This improper synchronization can lead to data integrity issues or system instability, a...

EUVD-2026-24781

In the Linux kernel, the following vulnerability has been resolved: ext4: fix use-after-free in updatesuperwork when racing with umount Commit b98535d09179 "ext4: fix bugon in startthishandle during umount filesystem" moved ext4unregistersysfs before flushing ssbupdwork to prevent new error work...

CVE-2026-31516

In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policyhthresh.work from racing with netns teardown A XFRMMSGNEWSPDINFO request can queue the per-net work item policyhthresh.work onto the system workqueue. The queued callback, xfrmhashrebuild, retrieves the...

CVE-2026-31500

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintelhwerror with hcireqsynclock btintelhwerror issues two hcicmdsync calls HCIOPRESET and Intel exception-info retrieval without holding hcireqsynclock. This lets it race against hcidevdoclose -...

CVE-2026-31516 xfrm: prevent policy_hthresh.work from racing with netns teardown

In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policyhthresh.work from racing with netns teardown A XFRMMSGNEWSPDINFO request can queue the per-net work item policyhthresh.work onto the system workqueue. The queued callback, xfrmhashrebuild, retrieves the...

CVE-2026-31499 Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix deadlock in l2capconndel l2capconndel calls canceldelayedworksync for both infotimer and idaddrtimer while holding conn-lock. However, the work functions l2capinfotimeout and l2capconnupdateidaddr both acqui...

SUSE SLES16 Security Update : xwayland (SUSE-SU-2026:21211-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21211-1 advisory. - CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap bsc1260922. - CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom...

PT-2026-34378

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the media mc and v4l2 components where MEDIA REQUEST IOC REINIT can run concurrently with VIDIOC REQBUFS0 queue teardown paths. This concurrency can cause...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper synchronization operations. This vulnerability may cause file systems that do not...

openSUSE 16 Security Update : xwayland (openSUSE-SU-2026:20560-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20560-1 advisory. - CVE-2026-33999: XKB Integer Underflow in XkbSetCompatMap bsc1260922. - CVE-2026-34000: XKB Out-of-bounds Read in CheckSetGeom bsc1260923. -...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013350)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013350 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftraceops KASAN reported a use-after-free with ftrace ops ...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012968)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012968 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: sh: aica: reorder cleanup operations to avoid UAF bugs The dreamcastcard-timer could schedu...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013160)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013160 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidpsessionthread There is a potential race condition in...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011296)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011296 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013074)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013074 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Sync pending IRQ work before freeing ring buffer Fix a race where irqwork can be queued in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012946)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012946 advisory. In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx...