9199 matches found
CVE-2026-46219
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on unbind The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free...
CVE-2026-46241
CVE-2026-46241 concerns the SPI driver for the MPC52xx in the Linux kernel, where a use-after-free can occur if controller registration fails because interrupts are not properly disabled and freed. The issue is resolved by a fix that ensures interrupts are disabled and resources freed on registra...
CVE-2026-46219
CVE-2026-46219 concerns a use-after-free in the SPI mpc52xx path of the Linux kernel. The description indicates the state machine work is scheduled by the interrupt handler and must be cancelled after interrupts are disabled to avoid use-after-free. Connected OSV entries show patches in rootio-li...
CVE-2026-46200 spi: mpc52xx: fix controller deregistration
In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix controller deregistration Make sure to deregister the controller before disabling and releasing underlying resources like interrupts and gpios during driver unbind...
CVE-2026-9798
A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication CIBA flow to bypass this...
SUSE CVE-2026-46074
In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...
SUSE CVE-2026-46084
In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...
Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
kernel security update
4.18.0-553.126.1 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and...
WordPress plugin PeachPay — Payments & Express Checkout for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The WordPres...
firefox security update
140.11.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 - diable wasisdk to prevent build failure with newer llvm 140.11.0 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.11.0-1 - Update to 140.11.0 ESR...
EUVD-2025-209971
In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt and wait for halt procedures during panthorfwunplug as the MCU can be in a variety of states or the FW may not even be loaded/initialize...
CVE-2026-46074
In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...
CVE-2026-46036
In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Serialize VFIODEVICESETIRQS with a per-device mutex vfiocdxsetmsitrigger reads vdev-configmsi and operates on the vdev-cdxirqs array based on its value, but provides no serialization against concurrent VFIODEVICESETIRQS...
UBUNTU-CVE-2026-45977
In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...
CVE-2026-46084
In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...
CVE-2026-46084
CVE-2026-46084 : In the Linux kernel, the mana_ib driver fails to disable vPort RX steering when destroying RSS QP, leaving stale steering that may reference freed RX WQ objects. If traffic continues and a VF is brought up, the firmware can deliver completions using old CQ IDs, causing RX complet...
CVE-2026-46084
In the Linux kernel, the following vulnerability has been resolved: RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disable vPort RX steering in firmware. This leaves stale steering...
EUVD-2026-32456
In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...
CVE-2026-46074
In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix memory leaks on probe failures Make sure to deregister the controller, disable pins, and kill and free the RX URB on probe failures to mirror disconnect and avoid memory leaks and use-after-free. Also add an...