CVE-2026-46081 crypto: acomp - fix wrong pointer stored by acomp_save_req()

In the Linux kernel, the following vulnerability has been resolved: crypto: acomp - fix wrong pointer stored by acompsavereq acompsavereq stores &req-chain in req-base.data. When acompreqchaindone is invoked on asynchronous completion, it receives &req-chain as the data argument but casts it...

CLSA-2026-1779455173 Fix CVE(s): CVE-2026-43618

SECURITY UPDATE: integer overflow in compressed-token decoder allows memory disclosure to a malicious sender - debian/patches/CVE-2026-43618.patch: cap rxtoken at MAXTOKENINDEX and add overflow checks in recvcompressedtokennum/run; add CHUNKSIZE bound check in simplerecvtoken; initialize data=NUL...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Protection was added to the device queue against concurrent access. In the dasdprofilestart function, the number of requests on the device queue is counted. However, access to the device queue is not protected against...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fixed the issue of invalid dereferencing of indirect CCW data pointers. The issue occurred in dasdeckddumpsense, where an invalid dereferencing of the indirect CCW data pointer led to a kernel panic in certain error...

CVE-2026-31490

A flaw was found in the Linux kernel's drm/xe/pf component. This vulnerability occurs when an error is returned during a migration restore operation, specifically from the xesriovpfmigrationrestoreproduce function, and the associated data pointer is not correctly cleared. This can lead to a...

Shopify: mruby-engine: UAF in MRubyEngine#initialize enables local RCE

Summary Double-init of MRubyEngine frees engine + unmaps mspace, but leaves Ruby DATAPTR dangling. Kernel reuses freed VA via mmapMAPFIXED. Attacker forges memrubyengine struct + mrbstate in reclaimed region, points mrbstate-allocf at libc.system, arranges bytes of mrbstate to also spell a shell...

EUVD-2026-11141

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

DEBIAN-CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

CVE-2026-3805

When doing a second SMB request to the same host again, curl would wrongly use a data pointer pointing into already freed memory...

CVE-2023-53747

CVE-2023-53747 affects the Linux kernel vt/tty subsystem. The vulnerability arises from a use-after-free (UAF) in vc_screen when performing vcs_write() after console_unlock(); the vc_data pointer must be reloaded in the loop after console_lock() to prevent a UAF in vcs_size(). Publications across...

MLX has Wild Pointer Dereference in load_gguf()

Summary Segmentation fault in mlx::core::loadgguf when loading malicious GGUF files. Untrusted pointer from external gguflib library is dereferenced without validation, causing application crash. Environment: - OS: Ubuntu 20.04.6 LTS - Compiler: Clang 19.1.7 Vulnerability Location: mlx/io/gguf.cp...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990057)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990057 advisory. In the Linux kernel, the following vulnerability has been resolved: net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices The probe function is only...

EUVD-2020-9464

Malware in sbrugna...

EUVD-2025-26769

Malicious code in bioql PyPI...

EUVD-2021-7418

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from libiscsi not properly initializing the dddata pointer...

Linux Distros Unpatched Vulnerability : CVE-2025-37965

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix invalid context error in dml helper Why BUG: sleeping function called...

Linux Distros Unpatched Vulnerability : CVE-2023-52453

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: hisiaccvfiopci: Update migration data pointer correctly on saving/resume When the optional...