CVE-2026-31721

CVE-2026-31721 affects the Linux kernel USB gadget subsystem, specifically the f_hid driver. The issue arises from initializing wait queues (poll_wait) with init_waitqueue_head inside hidg_bind, which re-initializes queues that may still contain items when the HID gadget is bound/unbound and epol...

CVE-2026-31721 usb: gadget: f_hid: move list and spinlock inits from bind to alloc

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

CVE-2026-31721

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fhid: move list and spinlock inits from bind to alloc There was an issue when you did the following: - setup and bind an hid gadget - open /dev/hidg0 - use the resulting fd in EPOLLCTLADD - unbind the UDC - bind the...

PT-2026-36359

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f eem component where the net device is allocated during function instance creation and registered during the bind phase. When the function unbinds, the...

PT-2026-36358

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f subset component where the net device is allocated during function instance creation and registered during the bind phase with the gadget device as it...

PT-2026-36357

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the USB gadget RNDIS component allows a network device to persist after the bind and unbind process, creating a zombie device. This occurs because the net device is allocated...

PT-2026-36356

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the USB gadget HID function where list and spinlock initializations were performed during the bind process. Specifically, queues registered via poll wait were...

RHSA-2026:11372 Red Hat Security Advisory: bind security update

Bulletin has no description...

RHSA-2026:11371 Red Hat Security Advisory: bind security update

Bulletin has no description...

CLSA-2026-1777453021 bind: Fix of CVE-2026-1519

CVE-2026-1519: limit NSEC3 iteration count when proving an insecure delegation so a maliciously crafted DNSSEC zone with a high-iteration NSEC3 record cannot exhaust resolver CPU; treat the answer as insecure above the 150-iteration limit. Backport of bind-9.11.36-16.el810.7 RHSA-2026:8352...

Fedora 44 : bind9-next (2026-01c20fe8ca)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-01c20fe8ca advisory. Update to 9.21.20 rhbz2440560 Security Fixes: - Fix unbounded NSEC3 iterations when validating referrals to unsigned delegations. CVE-2026-1519 - Fi...

RHEL 7 : bind (RHSA-2026:11371)

"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11371 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone

A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...

RHEL 6 : bind (RHSA-2026:11372)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:11372 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...

CVE-2026-31688

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce devicelock for drivermatchdevice Currently, drivermatchdevice is called from three sites. One site deviceattachdriver holds devicelockdev, but the other two bindstore and driverattach do not. This inconsisten...

CVE-2026-31688 driver core: enforce device_lock for driver_match_device()

In the Linux kernel, the following vulnerability has been resolved: driver core: enforce devicelock for drivermatchdevice Currently, drivermatchdevice is called from three sites. One site deviceattachdriver holds devicelockdev, but the other two bindstore and driverattach do not. This inconsisten...

CVE-2026-7078

A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument page results in buffer overflow. The attack can be launched remotely. The exploit has been released ...

runc: container escape with malicious config due to /dev/console mount and related races

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount to /dev/pts/$n, if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount...