kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg()

A flaw was found in the Linux kernel's Controller Area Network CAN ISO-TP isotp module. This vulnerability, known as a use-after-free, occurs when the system attempts to free a memory region while it is still being used. A local attacker could trigger this condition by sending a signal that...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fixed Use-after-Free, failed to increment the ref count of the skb while it was in use. This patch addresses a Use-after-Free issue identified by the syzbot. The problem arises when a skb is taken from the per-session...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: mr: Consolidate the ipmrcanfreetable checks. Guoyu Yin reported a crash in the ipmr netns cleanup path: WARNING: CPU: 2 PID: 14564 at net/ipv4/ipmr.c:440 ipmrfreetable net/ipv4/ipmr.c:440 inline WARNING: CPU: 2 PID: 14564 at...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: An error occurred in usbsubmiturb, causing the URB to be unanchored before it is processed by gsusbreceivebulkcallback, thereby preventing a memory leak during cleanup. In commit 7352e1d5932a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: The issue was that can: ucan: introduced an out-of-bound read in the strscpy function’s source code. Commit 7fdaf8966aae “can: ucan: use strscpy instead of strncpy” inadvertently resulted in an out-of-bound read of one byte from...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if the device is no longer registered. The syzbot still reports that unregisternetdevice: waiting for vcan0 to become free. Usage count = 2. Even after commit 93a27b5891b8 “can: j1939: a...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: net: afcan – Do not leave a dangling sk pointer in cancreate. When the cancreate function fails, it releases the allocated sk object. However, sockinitdata has already attached this object to the provided sock object. This will...

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

RHEL 10 : kernel (RHSA-2026:25908)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:25908 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: afcan: do not leave a...

EUVD-2026-36557

Discourse is an open-source discussion platform. From versions 2026.1.0-latest to before 2026.1.4, 2026.3.0-latest to before 2026.3.1, and 2026.4.0-latest to before 2026.4.1, the AI "explain" helper only checks cansee? on the post being explained, not its replytopost, so any authenticated user wi...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap CVE-2025-40307 In the...

CVE-2026-11441

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

EUVD-2026-34976

A vulnerability was identified in theonedev onedev up to 15.0.5. This vulnerability affects the function canAccessIssue of the file /issues/ of the component Pull Request Handler. Such manipulation of the argument issue leads to improper authorization. It is possible to launch the attack remotely...

CVE-2026-11441

The CVE-2026-11441 affects Theonedev Onedev (up to 15.0.5) specifically the Pull Request Handler’s canAccessIssue function in the /issues/ path. The issue arises from manipulation of the issue argument, causing improper authorization. Exploitation is possible remotely. A fix is available in versi...

CVE-2026-34177

Canonical LXD versions 4.12 through 6.7 contain an incomplete denylist in isVMLowLevelOptionForbidden lxd/project/limits/permissions.go, which omits raw.apparmor and raw.qemu.conf from the set of keys blocked under the restricted.virtual-machines.lowlevel=block project restriction. A remote...

CVE-2026-37539

Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of service crash or possibly execute arbitrary code via crafted CAN FD frames...

CVE-2026-37537

collin80/Open-SAE-J1939 thru commit 744024d4306bc387857dfce439558336806acb06 2023-03-08 contains an integer underflow leading to out-of-bounds write in Transport Protocol Data Transfer handling. At line 23: uint8t index = data0 - 1. When data0 sequence number from CAN frame is 0, index underflows...

CVE-2026-8421

Concrete CMS 9.5.0 and below contains a CSRF vulnerability in the installpackage method of concrete/controllers/singlepage/dashboard/extend/install.php. An attacker who can cause an authenticated administrator to visit a crafted page, and who has placed or caused a package to be present under...

Fedora 44 : xorg-x11-server-Xwayland (2026-f98eff99c4)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-f98eff99c4 advisory. Update to xwayland 24.1.12, security fixes for ZDI-CAN-30136, ZDI-CAN-30159, ZDI-CAN-30160, ZDI-CAN-30161, ZDI-CAN-30163, ZDI-CAN-30164, ZDI-CAN-30165,...

MBS多款产品 安全漏洞

MBS Single-A and other products are a series of industrial communication gateways developed by the German company MBS. Several MBS products have security vulnerabilities. These vulnerabilities stem from insufficient validation of user-controlled inputs using the ugw-logstop method, which could...