Linux Distros Unpatched Vulnerability : CVE-2026-31733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non- SCXDSQINVALID triggering a spurious warning in markdirectdispatch...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: core: Do not increase scsidevice's iorequestcnt if dispatch failed" The "atomicinc&cmd-device-iorequestcnt" in scsiqueuerq would cause kernel panic because cmd-device may be freed after returning from...

CVE-2026-31733

A flaw was found in the Linux kernel's schedext component. The scheduler's direct dispatch state ddspdsqid was not consistently cleared across all execution paths. This oversight could leave the system in an incorrect state, leading to spurious warnings and unexpected behavior during task dispatc...

CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

CVE-2026-43039 net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

CVE-2026-43039

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emacdispatchskbzc allocates a new skb via napiallocskb but never copies the packet data from the XDP buffer into it. The skb is passed up the stack...

CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

CVE-2026-31733

CVE-2026-31733 concerns the Linux kernel’s sched_ext component, where the direct dispatch state (ddsp_dsq_id) could remain set across paths, causing a spurious warning in mark_direct_dispatch(). The root cause is that ddsp_dsq_id was only cleared in dispatch_enqueue(), and not consistently cleare...

CVE-2026-31733 sched_ext: Fix stale direct dispatch state in ddsp_dsq_id

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

EUVD-2026-26546

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

CVE-2026-31719

In the Linux kernel, the following vulnerability has been resolved: crypto: krb5enc - fix async decrypt skipping hash verification krb5encdispatchdecrypt sets req-base.complete as the skcipher callback, which is the caller's own completion handler. When the skcipher completes asynchronously, this...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the emacdispatchskbzc function in the icssg-prueth driver failing to copy XDP buffer data to a new skb,...

PT-2026-36368

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the sched ext component where the ddsp dsq id state can remain set non-SCX DSQ INVALID, leading to a spurious warning in the mark direct dispatch function. This occurs...

CVE-2026-41380

OpenClaw before 2026.3.28 contains an execution approval vulnerability in exec-approvals-allowlist.ts that allows allow-always persistence to trust wrapper carrier executables instead of invoked targets. Attackers can exploit positional carrier executable routing through dispatch wrappers to...

CVE-2026-41380

OpenClaw vulnerable before 2026.3.28 via exec-approvals-allowlist.ts: an execution-approval weakness lets one-time allow-always entries persistently trust wrapper carrier executables routed through dispatch wrappers, broadening the allowlist and weakening execution boundaries. CVSS 3.1/4.0 indica...

CVE-2026-41378 OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node.event Agent Dispatch

OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging unrestricted...

CVE-2026-41378 OpenClaw < 2026.3.31 - Privilege Escalation to Remote Code Execution via Unrestricted node.event Agent Dispatch

OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escalate privileges by leveraging unrestricted...

CVE-2026-41378

OpenClaw OpenClaw is affected up to version 2026.3.28. The vulnerability allows paired nodes with the role=node to dispatch node.event agent requests with unrestricted gateway-side tool access, enabling remote code execution on the gateway. The issue is fixed in 2026.3.31 (patched in OpenClaw as ...

Uncontrolled Recursion

Overview Affected versions of this package are vulnerable to Uncontrolled Recursion due to uncontrolled recursion in the dispatch process. An attacker can cause a stack overflow and potentially crash the application by sending specially crafted input that triggers excessive recursive calls...