1189 matches found
SUSE CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
CVE-2026-46274
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...
PT-2026-47326
In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in io wq remove pending io wq remove pending needs to fix up wq-hash tail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry i...
CVE-2026-6722
A flaw was found in PHP's SOAP extension. This vulnerability allows a remote attacker to execute arbitrary code on the affected system. The issue stems from a use-after-free error in the object deduplication mechanism, which can be triggered by sending a specially crafted SOAP request. This allow...
SUSE CVE-2026-33278
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...
CLSA-2026-1779533909 unbound: Fix of 3 CVEs
CVE-2026-33278: dangling pointer dereference in dnsmsgdeepcopyregion during DS sub-query suspend/resume; the previously-backported CVE-2023-50387-CVE-2023-50868.patch dragged the vulnerable 'res-rep = origin-rep;' struct-assignment into our 1.16.2 tree. Save the destination rrsets pointer,...
CLSA-2026-1779467733 unbound: Fix of CVE-2026-33278
CVE-2026-33278: fix dangling pointer use-after-free in dnsmsgdeepcopyregion...
CLSA-2026-1779467038 unbound: Fix of CVE-2026-33278
CVE-2026-33278: fix dangling pointer use-after-free in dnsmsgdeepcopyregion...
CVE-2026-33278
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...
CVE-2026-33278
NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: drm/nouveau: prime: fix ttmbodelayeddelete oops Fixed an oops in ttmbodelayeddelete that occurs due to a dangling pointer being referenced: Oops: General Protection Fault, likely for a non-canonical address 0x6b6b6b6b6b6b6b7b:...
Astra Linux - уязвимость в linux, linux-5.10
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling ‘file’ pointer...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: afpacket: Avoid errors after sockinitdata in packetcreate. After sockinitdata, the allocated sk object is attached to the provided sock object. In case of an error, packetcreate frees the sk object, leaving a dangling pointer in...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: inet: Do not leave a dangling sk pointer in inetcreate The sockinitdata function attaches the allocated sk object to the provided sock object. If inetcreate fails later, the sk object is freed, but the sock object retains a...
Astra Linux - уязвимость в curl
Due to the use of a dangling pointer, libcurl versions 7.29.0 through 7.71.1 can use the wrong connection when sending data...
Astra Linux - уязвимость в linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Cleaning up a dangling pointer on the bind error path The mtkdrmBind function may fail, in which case drmdevPut is called, destroying the drmdevice object. However, a pointer to that object was still being held by t...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: The clearwalkcontrol function sets ctx-walkcontrol to the control structure provided by the caller before checking whether the context is running. If the context is inactive i.e., damonisrunning returns false, the...
Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: afcan – Do not leave a dangling sk pointer in cancreate. When the cancreate function fails, it releases the allocated sk object. However, sockinitdata has already attached this object to the provided sock object. This will...
Astra Linux - уязвимость в linux-5.10
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fixed a dangling pointer in mgmtaddadvpatternsmonitorcomplete. This fix addresses the issue where, when status != -ECANCELED, mgmtpendingvalid was executed; otherwise, mgmtpendingfreecmd would free the memory, bu...