CVE-2026-22698

RustCrypto: Elliptic Curves is general purpose Elliptic Curve Cryptography ECC support, including types and traits for representing various elliptic curve forms, scalars, points, and public/secret keys composed thereof. In versions 0.14.0-pre.0 and 0.14.0-rc.0, a critical vulnerability exists in...

CVE-2025-68771

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2findvictimchain syzbot reported a kernel BUG in ocfs2findvictimchain because the clnextfreerec field of the allocation chain list next free slot in the chain list is 0, triggring the...

CVE-2025-68771

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2findvictimchain syzbot reported a kernel BUG in ocfs2findvictimchain because the clnextfreerec field of the allocation chain list next free slot in the chain list is 0, triggring the...

CVE-2025-68771 ocfs2: fix kernel BUG in ocfs2_find_victim_chain

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix kernel BUG in ocfs2findvictimchain syzbot reported a kernel BUG in ocfs2findvictimchain because the clnextfreerec field of the allocation chain list next free slot in the chain list is 0, triggring the...

CVE-2025-68767 hfsplus: Verify inode mode when loading from disk

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 16bits "mode" field loaded from disk are corrupted. According to 1, the permissions...

CVE-2025-68767

In the Linux kernel, the following vulnerability has been resolved: hfsplus: Verify inode mode when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 16bits "mode" field loaded from disk are corrupted. According to 1, the permissions...

CVE-2025-68767

The CVE-2025-68767 case affects the Linux kernel’s hfsplus inode loading: if the 16-bit mode field read from disk is corrupted and non-zero, the i_mode S_IFMT bits may become bogus. When mode is not 0, the file type is derived as: dir==1 → S_IFDIR; dir==0 → one of S_IFREG, S_IFLNK, S_IFCHR, S_IFB...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix PPMAGICMASK to avoid crashing on some 32-bit arches Helge reported that the introduction of PPMAGICMASK let to crashes on boot on his 32-bit parisc machine. The cause of this is the mask is set too wide, so the...

Fickling 代码问题漏洞

Fickling is an open source decompiler and static analyzer for Python by Trail of Bits. Fickling 0.1.7 before the version of the code problem vulnerability , the vulnerability stems from the existence of detection blindness to the builder module , which may lead to detection bypass...

CVE-1999-0350

Race condition in the dbloader program in ClearCase gives local users root access by setting SUID bits...

Pervasive Vulnerability Analysis and Defense for QKD-Based Quantum Private Query

Quantum Private Query QPQ based on Quantum Key Distribution QKD is among the most practically viable quantum communication protocols, with application value second only to QKD itself. However, prevalent security vulnerabilities in the post-processing stages of most existing QKD-based QPQ protocol...

PT-2026-25335

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is an implementation of the Remote Desktop Protocol. The gdi surface bits function handles SURFACE BITS COMMAND messages from the RDP server. When using NSCodec, the bmp.width and bmp.height...

PT-2026-8111

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to rxrpc, specifically a data-race warning and potential load/store tearing. The issue involves lockless accesses to -last tx at, which can lead ...

PT-2026-27714

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to HID Human Interface Device and PIDFF Protocol Interface for Force Feedback. The issue involves incorrect clearing of conditional effect bits,...

SUSE CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSEINSTANCE command, ctxworkbits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-992827)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992827 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to...

CVE-2023-54245 ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: tx-macro: Fix for KASAN: slab-out-of-bounds When we run syzkaller we get below Out of Bound. "KASAN: slab-out-of-bounds Read in regcacheflatread" Below is the backtrace of the issue: dumpbacktrace+0x0/0x4c8...

CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSEINSTANCE command, ctxworkbits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVE-2022-50786

In the Linux kernel, the following vulnerability has been resolved: media: s5p-mfc: Clear workbit to handle error condition During error on CLOSEINSTANCE command, ctxworkbits was not getting cleared. During consequent mfc execution NULL pointer dereferencing of this context led to kernel panic...

CVE-2022-50786

The CVE-2022-50786 fix applies to the Linux kernel media: s5p-mfc driver. The root cause was that on CLOSE_INSTANCE error paths, ctx_work_bits were not cleared, which could lead to a NULL pointer dereference in subsequent MFC processing and trigger a kernel panic. The patch ensures ctx_work_bits ...