ALSA-2026:19225 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Service in authencesn due to too-short AAD CVE-2026-23060 kernel: crypto: algifaead - Revert to operating out-of-place CVE-2026-31431 kernel: crypto: afalg - limit...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RX hash table extraction in afalg without limiting the receive buffer budget. This could lead to...

CVE-2025-29786

Expr is an expression language and expression evaluation for Go. Prior to version 1.17.0, if the Expr expression parser is given an unbounded input string, it will attempt to compile the entire string and generate an Abstract Syntax Tree AST node for each part of the expression. In scenarios wher...

CompoundHandler and other contracts call native payable.transfer

Title CompoundHandler topUp, EthPool doTransferOut and VaultReserve withdraw call native payable.transfer Impact Multiple operations are handled by using a payable.transfer call. transfer has a gas budget limit which is unsafe because gas costs can and may change and can fail when the user is a...