3 matches found
CVE-2026-9546
A vulnerability in libcurl caused the HTTP Referer: header to persist even when explicitly cleared. While the documentation states that passing NULL to CURLOPTREFERER suppresses the header, the option failed to clear the internal state. As a result the previous referrer string was erroneously...
CVE-2023-53387
The CVE-2023-53387 issue affects the Linux kernel SCSI/UFS stack. In the UFS error handling flow, when a device management NOP OUT times out and doorbell clearing also fails, the dev_cmd.complete pointer is not NULL, causing __ufshcd_transfer_req_compl() to call complete() on a stack-allocated st...
Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)
A flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is not affected by the MDS issue MDSNO=1, the guest was to...