PT-2026-4868

Out-of-bounds Write, Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in davisking dlib dlib/external/zlib modules. This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9...

A malicious rsh server can overwrite arbitrary files in a directory on the rcp client machine

An issue was discovered in rcp in NetKit through 0.17. For an rcp operation, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned. A malicious rsh server or Man-in-The-Middle attacker can overwrite...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005174)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005174 advisory. In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdevl3out l3mdevl3out can be called without RCU being held: rawsendm...

SUSE CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

UBUNTU-CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

CVE-2026-23001

CVE-2026-23001 – Linux kernel macvlan UAF fix Multiple connected advisories reference this CVE as a fix in the macvlan subsystem. The vulnerability is described as a use-after-free (UAF) in macvlan_forward_source(), with the fix adding RC (read-copy-update) protection on (struct macvlan_source_en...

EUVD-2026-4615

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

SUSE-SU-2026:0281-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. - CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. -...

CVE-2026-22986

In the Linux kernel, the following vulnerability has been resolved: gpiolib: fix race condition for gdev-srcu If two drivers were calling gpiochipadddatawithkey, one may be traversing the srcu-protected list in gpionametodesc, meanwhile other has just added its gdev in gpiodevaddtolistunlocked...

[SECURITY] Fedora 42 Update: rust-rkyv0.7-0.7.46-1.fc42

Zero-copy deserialization framework for Rust...

[SECURITY] Fedora 43 Update: rust-rkyv0.7-0.7.46-1.fc43

Zero-copy deserialization framework for Rust...

libexpat code issue vulnerabilities

libexpat is a streaming XML parser written in C language by the libexpat team. Versions of libexpat prior to 2.7.4 had code vulnerabilities; these vulnerabilities stemmed from the XMLExternalEntityParserCreate function not copying user data for unknown encoding processors...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004910)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004910 advisory. In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in aasimplewritetobuffer When copyfromuser failed, the memory is freed by...

CVE-2021-47853

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

SUSE CVE-2021-47853

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Azure Linux 3.0 Security Update: kernel (CVE-2024-49980)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49980 advisory. - In the Linux kernel, the following vulnerability has been resolved: vrf: revert vrf: Remove unnecessary...

Azure Linux 3.0 Security Update: haproxy (CVE-2024-45506)

The version of haproxy installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45506 advisory. - HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of servi...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38190)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38190 advisory. - In the Linux kernel, the following vulnerability has been resolved: atm: Revert atmaccounttx if...