CVE-2026-49325

The CVE affects the Indian Motorcycle Scout Bobber + Tech 2025 model year, where the Wireless Control Module (WCM) wiring harness controls anti‑theft shutdown. A falling‑edge voltage transition on a dedicated wire pair signals shutdown to a peer ECU, but the receiving ECU cannot distinguish an ac...

EUVD-2026-32757

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

CVE-2026-45865

A flaw was found in the Linux kernel's Message Control Transport Protocol MCTP over I2C Inter-Integrated Circuit implementation. A local attacker could exploit this vulnerability by performing I2C reads on an MCTP-I2C device. This could lead to the disclosure of uninitialized stack memory,...

Dissecting the Black Box: Circuit-Level Analysis of LLM Vulnerability Detection

Large language models LLMs can detect software vulnerabilities, but how do they actually identify vulnerable code? We address this question using mechanistic interpretability; analyzing the internal computations of a neural network to understand its reasoning process.Using Circuit Tracer on...

UBUNTU-CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

PT-2026-43808

In the Linux kernel, the following vulnerability has been resolved: tpm: tpm i2c infineon: Fix locality leak on get burstcount failure get burstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the event handler of the mctp i2c device reading bytes from an uninitialized memory location. Thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: xiic: xiicxfer: Fixed a runtime PM leak on the error path. The xiicxfer function acquires a runtime PM reference when it is entered. This reference is released when the function is exited. Currently, there is one error path...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: i2c: validation of user data in compact ioctl. Incorrect user data may cause a warning in i2ctransfer. For example, it may result in zero messages being sent. The userspace environment should not be able to trigger such warnings...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: i2c: smbus – fixed the issue of NULL function pointers being dereferenced. Baruch reported an OOPS error when using the Designware controller as the target. Only targeting mode breaks the assumption that one transfer function ...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: i2c: i801 – Fixed block process call transactions. According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to the buffer, and...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: nfc: fdp: Fixed a potential memory leak in fdpncisend. The fdpncisend function calls fdpncii2cwrite, which does not free the skb object after its execution. As a result, when fdpncii2cwrite is completed, the skb object will...

Security update for tor (critical)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2026:0164-1 Rating: critical References: 1264341 1264342 1264343 1264344 1264345 1264346 Cross-References: CVE-2026-44597 CVE-2026-44599 CVE-2026-44600 CVE-2026-44601 CVE-2026-44602 CVE-2026-44603 Affected Products:...

OPENSUSE-SU-2026:20709-1 Security update for tor

This update for tor fixes the following issues: Changes in tor: - Update to 0.4.9.8 Fix out-of-bounds read boo1264341, CVE-2026-44597, TROVE-2026-011 Do not attempt or accept BEGINDIR via conflux legs boo1264342, CVE-2026-44599,TROVE-2026-008 Adjust conflux out-of-order queue accounting when...

CVE-2026-43457

In the Linux kernel, the following vulnerability has been resolved: mctp: i2c: fix skb memory leak in receive path When 'midev-allowrx' is false, the newly allocated skb isn't consumed by netifrx, it needs to free the skb directly...

SUSE CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

PT-2026-38947

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A mismatched unlock for the DMUB HW lock occurs in the HWSS fast path. This happens because the evaluation for requiring the DMUB HW lock differs from the evaluation for unlocking it,...

CVE-2026-44601

A flaw was found in Tor. When the system experiences circuit queue memory pressure, a remote attacker could potentially trigger a double close of a circuit, leading to a client crash. This vulnerability can result in a Denial of Service DoS for affected Tor clients...

CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...

UBUNTU-CVE-2026-44601

Tor before 0.4.9.7, when circuit queue memory pressure exists, can experience a client crash because of a double close of a circuit, aka TROVE-2026-009...