3911 matches found
SUSE CVE-2026-23446
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...
SUSE CVE-2026-23462
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2capconn reference when user-remove callback is called: 97.809249 l2capconnfree: freeing conn ffff88810a171c00 97.809907 CPU: 1 UID: 0 PID:...
Electron: Use-after-free in offscreen shared texture release() callback
Impact Apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain conditions, the release callback provided on a paint event texture can outlive its backing native state, and invoking it after that point dereferences freed memory in the main...
GHSA-8X5Q-PVF5-64MP Electron: Use-after-free in offscreen shared texture release() callback
Impact Apps that use offscreen rendering with GPU shared textures may be vulnerable to a use-after-free. Under certain conditions, the release callback provided on a paint event texture can outlive its backing native state, and invoking it after that point dereferences freed memory in the main...
EUVD-2026-18724
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2capconn reference when user-remove callback is called: 97.809249 l2capconnfree: freeing conn ffff88810a171c00 97.809907 CPU: 1 UID: 0 PID:...
EUVD-2026-18692
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...
CVE-2026-23458
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlinkdumpexpct ctnetlinkdumpexpct stores a conntrack pointer in cb-data for the netlink dump callback ctnetlinkexpctdumptable, but drops the conntrack reference immediately after...
UBUNTU-CVE-2026-23462
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2capconn reference when user-remove callback is called: 97.809249 l2capconnfree: freeing conn ffff88810a171c00 97.809907 CPU: 1 UID: 0 PID:...
CVE-2026-23462
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2capconn reference when user-remove callback is called: 97.809249 l2capconnfree: freeing conn ffff88810a171c00 97.809907 CPU: 1 UID: 0 PID:...
CVE-2026-23446
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...
UBUNTU-CVE-2026-23458
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlinkdumpexpct ctnetlinkdumpexpct stores a conntrack pointer in cb-data for the netlink dump callback ctnetlinkexpctdumptable, but drops the conntrack reference immediately after...
CVE-2026-23462
CVE-2026-23462 affects the Linux kernel Bluetooth stack (HIDP/L2CAP). The issue is a use-after-free related to not dropping the l2cap_conn reference during user remove callbacks, leading to a trace like l2cap_conn_free and cascading calls in the Bluetooth/hci_core paths. Connected sources confirm...
CVE-2026-23446 net: usb: aqc111: Do not perform PM inside suspend callback
In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Do not perform PM inside suspend callback syzbot reports "task hung in rpmresume" This is caused by aqc111suspend calling the PM variant of its writecmd routine. The simplified call trace looks like this:...
EUVD-2026-18947
Electron: Use-after-free in offscreen child window paint callback...
EUVD-2026-18943
Electron: Use-after-free in download save dialog callback...
PT-2026-30152
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.0-rc2+ Description The Linux kernel contains a use-after-free flaw within the ctnetlink dump exp ct function, specifically related to conntrack pointer management during netlink dumps. The issue arises when t...
PT-2026-30277
Name of the Vulnerable Software and Affected Versions Electron versions 33.0.0-alpha.1 through 39.8.5, 40.8.5, 41.1.0, and 42.0.0-alpha.5 Description Electron applications utilizing offscreen rendering with GPU shared textures may experience a use-after-free condition. Specifically, the release...
PT-2026-30156
Name of the Vulnerable Software and Affected Versions Linux kernel versions 7.0.0-rc1 through 7.0.0-rc1 Description The Linux kernel contains a use-after-free UAF flaw within the Bluetooth HIDP subsystem. The issue arises from a failure to drop the l2cap conn reference when the user's remove...
PT-2026-30141
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw where the aqc111 suspend function calls the PM variant of its write cmd routine, leading to a task hang during resume operations. Specifically, the issue...
Replay Attack
Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Replay Attack in the callback process. An attacker can alter the origin of a Plivo callback before it is rejected by replaying a captured valid callback for a live call. Remediation Upgra...