CVE-2026-45979

A flaw was found in the Linux kernel's amdgpu graphics driver. When the system experiences low memory conditions, a specific cleanup routine within the amdgpucsparserbos function may fail to properly unlock a mutex. This oversight can lead to resource contention, potentially causing a denial of...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improved handling of time-out WRs for mad agents. The current timeout handler for mad agents acquires/releases the madagentpriv lock for every time-out WR. This causes heavy locking contention when more than one WR need...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Fixed the issue of locking the global state without backoff. We need to acquire the lock after the early return in the !hwpipe case. Otherwise, we might encounter contention but still return 0. This fix addresses an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: can: isotp: isotpsendmsg: added a result check for waiteventinterruptible. The waiteventinterruptible function is used to wait for complete transmission, but the result of this function, which may be interrupted, is not checked...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021646 advisory. In the Linux kernel, the following vulnerability has been resolved: fsnotify: clear PARENTWATCHED flags lazily In some setups directories can have many usually...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021585)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021585 advisory. In the Linux kernel, the following vulnerability has been resolved: RDMA/mad: Improve handling of timed out WRs of mad agent Current timeout handler of mad agent...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: xnio (UTSA-2026-021490)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021490 advisory. A flaw was found in XNIO, specifically in the notifyReadClosed method. The issue revealed this method was logging a message to another expected end. This flaw allows...

SUSE CVE-2021-46778

Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading SMT. By measuring the contention level on scheduler queues an attacker may potentially leak sensitive...

EUVD-2026-29601

Concurrent execution using shared resource with improper synchronization 'race condition' in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally...

SUSE CVE-2026-43253

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move waitonsem out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under stressed environment, as waitonsem busy-waits under the spinlock with interrupts disabled. Move the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from calling iomapfiemap within the gfs2fiemap function when the inode glock is held. This can lead to...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: fsnotify: The flag PARENTWATCHED is cleared lazily. In some setups, directories can have many usually negative entries. As a result, the fsnotifyupdatechilddentryflags function can take a significant amount of time. Since most of...

CVE-2026-31579

A flaw was found in the Linux kernel's WireGuard component. A local user could trigger a hung task by causing contention for the rtnllock within the wgnetnspreexit callback. This issue can lead to a Denial of Service DoS, where the system becomes unresponsive as cleanup operations block...

Huawei HarmonyOS Event Notification Module Competitive Condition Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A contention condition vulnerability exists in the Huawei HarmonyOS event notification module, which stems from a failure of the event notification module to...

Mishandling Resource Contention in AMD Processors

Revisions Revision Date| Description ---|--- 2026-04-14| Initial publication...

[SECURITY] Fedora 42 Update: rust-resctl-bench-2.2.5-12.fc42

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

[SECURITY] Fedora 43 Update: rust-resctl-bench-2.2.5-12.fc43

resctl-bench is a collection of whole-system benchmarks to evaluate resource control and hardware behaviors using realistic simulated workloads. Comprehensive resource control involves the whole system. Furthermore, testing resource control end-to-end requires scenarios involving realistic...

OpenClaw 安全漏洞

OpenClaw is an intelligent artificial assistant open-sourced by OpenClaw. OpenClaw suffers from a security vulnerability that can be exploited by an attacker to redirect files outside of a container's mounted namespace using a contention condition...

Shape and Substance: Dual-Layer Side-Channel Attacks on Local Vision-Language Models

On-device Vision-Language Models VLMs promise data privacy via local execution. However, we show that the architectural shift toward Dynamic High-Resolution preprocessing e.g., AnyRes introduces an inherent algorithmic side-channel. Unlike static models, dynamic preprocessing decomposes images in...

EVerest 安全漏洞

EVerest is an open-source firmware for electric vehicle charging stations developed by EVerest. Versions prior to EVerest 2026.02.0 contain security vulnerabilities; these vulnerabilities stem from data competition and could lead to queue or double-ended queue corruption...