415 matches found
UBUNTU-CVE-2026-53332
In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is already up when the PDR lookup is being registered, or in the...
Linux Distros Unpatched Vulnerability : CVE-2026-53332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is...
CVE-2026-53332
CVE-2026-53332 affects the Linux kernel’s slimbus driver (qcom-ngd-ctrl) where registering SSR/PDR callbacks and enabling interrupts can occur before the NGD device is fully initialized. If remoteproc starts in parallel with probing, or if a PDR lookup is registered while remoteproc is up, callba...
UBUNTU-CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
PT-2026-52958
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The wbt init enable default function uses WARN ON ONCE to check for failures from wbt alloc and wbt init. However, these are expected failure paths: wbt alloc may return NULL during memo...
EUVD-2026-38847
In the Linux kernel, the following vulnerability has been resolved: net: psp: check for device unregister when creating assoc pspassocdevicegetlocked obtains a pspdev reference via pspdevgetforsock which uses pspdevtryget under RCU; it then acquires psd-lock and drops the reference. Before the lo...
CVE-2026-52979
Mode C: Detailed CVE-2026-52979 insight. This CVE concerns the Linux kernel code path in the PSP (Power State Power?) subsystem, specifically the function psp_assoc_device_get_locked() and the handling around device references during unregister. The issue arises when psp_dev_get_for_sock() obtain...
CVE-2026-38718
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...
EUVD-2026-37921
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...
CVE-2026-38718
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...
CVE-2026-38718
The CVE-2026-38718 entry describes a buffer overflow vulnerability in the device registration function of InHand Networks IR912 and IR915 devices (versions including V1.0.0.r20042 and earlier). The underlying issue is a buffer overflow in the registration process, which could allow an attacker to...
CVE-2026-38718
InHand Networks IR912 V1.0.0.r20042 and IR915 V1.0.0.r20042 including earlier versions were discovered to contain a buffer overflow vulnerability in the device registration function. This vulnerability could allow an attacker to cause a denial of service attack on the remote target device...
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewer Than 20 Users Downloaded
Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-force attack launched by an unknown party. On May 31, 2026, the company said an "external" threat actor launched a brute-force attack agains...
SUSE CVE-2026-46109
In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...
SUSE CVE-2026-46083
In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup if spisetup fails while registering a device to avoid leaking any resources allocated by setup...
CVE-2026-45883
A flaw was found in the Linux kernel, specifically within the iio: sca3000 module. This resource management vulnerability occurs when the iiodeviceregister function fails, as a system resource spi-irq is not properly released. This oversight can lead to a resource leak, potentially impacting syst...
CVE-2026-46083
A flaw was found in the Linux kernel. This vulnerability occurs when the spisetup function fails during the registration of a device, leading to improper cleanup and subsequent resource leaks. This can result in a denial of service DoS due to the exhaustion of system resources...
EUVD-2026-32349
In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...
CVE-2026-46083
In the Linux kernel, the following vulnerability has been resolved: spi: fix resource leaks on device setup failure Make sure to call controller cleanup if spisetup fails while registering a device to avoid leaking any resources allocated by setup...
CVE-2026-45883
In the Linux kernel, the following vulnerability has been resolved: iio: sca3000: Fix a resource leak in sca3000probe spi-irq from requestthreadedirq not released when iiodeviceregister fails. Add an return value check and jump to a common error handler when iiodeviceregister fails...