CVE-2026-23386

A flaw was found in the Linux kernel, specifically within the gve network driver. When the driver operates in DQ-QPL Data Queue - Queue Pair List mode, the gvetxcleanpendingpackets function incorrectly processes buffer cleanup. This error can cause the system to attempt to unmap memory at incorre...

Security Bulletin: IBM MQ is affected by an authority vulnerablility (CVE-2026-1713)

Summary IBM MQ has addressed an authority vulnerablility Vulnerability Details CVEID:CVE-2026-1713 DESCRIPTION: IBM MQ is affected by an authority vulnerability allowing users access to SYSTEM.AUTH.DATA.QUEUE. CWE:CWE-305: Authentication Bypass by Primary Weakness CVSS Source: IBM CVSS Base score...

Security Bulletin: IBM MQ Appliance is affected by an authority vulnerability (CVE-2026-1713)

Summary IBM MQ Appliance has addressed an authority vulnerability. Vulnerability Details CVEID:CVE-2026-1713 DESCRIPTION: IBM MQ is affected by an authority vulnerability allowing users access to SYSTEM.AUTH.DATA.QUEUE. CWE:CWE-305: Authentication Bypass by Primary Weakness CVSS Source: IBM CVSS...

CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

CVE-2026-23069

CVE-2026-23069 (Linux kernel) : In vsock/virtio, the credit calculation in virtio_transport_get_credit() can underflow when the peer’s advertised buffer (peer_buf_alloc) shrinks while data is in flight, potentially allowing more data to be queued than the peer can handle. The issue arises from un...

CVE-2026-23066

CVE-2026-23066 concerns the Linux kernel RXRPC receive path. The issue arises in rxrpc_recvmsg() where, if MSG_DONTWAIT is requested and the front of the recvmsg queue has its mutex held, the call is unconditionally requeued, potentially corrupting the recvmsg queue and causing Use-After-Frees or...

EUVD-2022-55382

Malicious code in bioql PyPI...

SUSE CVE-2023-53442

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

UBUNTU-CVE-2023-53442

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

CVE-2023-53442

Technical details about CVE-2023-53442 are not present in the provided connected documents. The SUSE/Tenable entries reference kernel fixes in general but do not disclose affected products/versions or specific exploit vectors here. Monitor for official patch specifics.

CVE-2023-53442 ice: Block switchdev mode when ADQ is active and vice versa

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check when ADQ and switchdev modes are both enabled, which could result in a null pointer dereferen...

CVE-2025-38619

CVE-2025-38619 affects the Linux kernel media TI J721e CSI-2 RX driver. The root cause was that, when ti_csi2rx_start_dma() fails in ti_csi2rx_dma_callback(), the corresponding vb2 buffer was marked as ERROR but not removed from the DMA queue, allowing it to be retried and causing a list_del corr...

CVE-2025-38616 tls: handle data disappearing from under the TLS ULP

In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses...

SUSE CVE-2022-50070

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ipv4/afinet.c:153 inetsockdestruct+0x6d0/0x8e0 net/ipv4/afinet.c:153 Modules linked in: uioivshmemOE ui...

SUSE CVE-2025-38042

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: k3-udma-glue: Drop skipfdq argument from k3udmaglueresetrxchn The user of k3udmaglueresetrxchn e.g. tiam65cpswnuss can run on multiple platforms having different DMA architectures. On some platforms there can be on...

CVE-2022-50116

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

CVE-2022-50116

The CVE refers to a Linux kernel flaw in tty n_gsm where deadlocks and link starvation could occur in the outgoing data path under ldisc congestion. The fix adds an additional control-channel data queue and processes it before the user-channel queue in gsm_data_kick(), moving this work to a dedic...

CVE-2022-50116 tty: n_gsm: fix deadlock and link starvation in outgoing data path

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: fix deadlock and link starvation in outgoing data path The current implementation queues up new control and user packets as needed and processes this queue down to the ldisc in the same code path. That means that the...

DEBIAN-CVE-2025-37969

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadtaggedfifo Prevent stlsm6dsxreadtaggedfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...