84 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53284
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: only release the dirty pages io tree after successful writes WARNING With extra warning on dirty extent buffers at umount aka, the next patch in the...
CVE-2026-53069 net, bpf: fix null-ptr-deref in xdp_master_redirect() for down master
In the Linux kernel, the following vulnerability has been resolved: net, bpf: fix null-ptr-deref in xdpmasterredirect for down master syzkaller reported a kernel panic in bondrrgenslaveid reached via xdpmasterredirect. Full decoded trace: https://syzkaller.appspot.com/bug?extid=80e046b8da2820b6ba...
CVE-2026-53069
The CVE-2026-53069 issue is a Linux kernel null-pointer dereference in the XDP redirect path for bonding devices that have not been fully initialized. Specifically, bond_rr_gen_slave_id() can dereference a NULL rr_tx_counter when XDP redirects reach a bond that was never opened. The fix in xdp_ma...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: removing redundant scheduler job cleanup when CS aborts. When command submission fails due to an invalid userptr in amdgpucssubmit, legacy code will perform cleanup of scheduler jobs. However, this is completely...
EUVD-2026-36728
Multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads...
CVE-2026-5038
Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...
CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads
Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...
CVE-2026-5038 multer vulnerable to Denial of Service via incomplete cleanup of aborted uploads
Impact: multer versions 2.0.0-alpha.1 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe call does not propagate the stream destroy signal to the...
CVE-2026-5038
MULTER CVE-2026-5038 affects multer’s diskStorage: versions 2.0.0-alpha.1–2.1.1 and 3.0.0-alpha.1 are vulnerable. The root cause is that Readable.pipe() does not propagate the stream destroy signal to the underlying fs.WriteStream, allowing aborted or malformed multipart uploads to leave orphaned...
PT-2026-49242
Name of the Vulnerable Software and Affected Versions multer versions 2.0.0-alpha.1 through 2.1.1 multer version 3.0.0-alpha.1 Description A Denial of Service issue exists when using diskStorage. Aborted or malformed multipart uploads leave orphaned partial files on disk because the Readable.pipe...
PT-2026-38941
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A bug exists in the Btrfs file system where the kernel may crash if the file system switches to read-only RO mode during a read-repair operation. This occurs when a critical error, such ...
UBUNTU-CVE-2026-23111
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix inverted genmask check in nftmapcatchallactivate nftmapcatchallactivate has an inverted element activity check compared to its non-catchall counterpart nftmapelemactivate and compared to what is logically...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992944)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992944 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992333)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992333 advisory. In the Linux kernel, the following vulnerability has been resolved: jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted Following process will...
AZL-73087 CVE-2025-68745 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
CVE-2025-68745
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
CVE-2025-68745 scsi: qla2xxx: Clear cmds after chip reset
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...
UBUNTU-CVE-2023-53829
In the Linux kernel, the following vulnerability has been resolved: f2fs: flush inode if atomic file is aborted Let's flush the inode being aborted atomic operation to avoid stale dirty inode during eviction in this call stack: f2fsmarkinodedirtysync+0x22/0x40 f2fs f2fsabortatomicwrite+0xc4/0xf0...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to synchronize the inode state when an atomic write operation is aborted, which could lead to a...