979 matches found
CVE-2026-43260
In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix RSS context delete logic We need to free the corresponding RSS context VNIC in FW everytime an RSS context is deleted in driver. Commit 667ac333dbb7 added a check to delete the VNIC in FW only when netifrunning is tru...
CVE-2026-43229
The CVE-2026-43229 issue affects the Linux kernel via the chips-media wave5 driver. The root cause is an incorrect device cleanup order: video device unregistration was performed after power/runtime disable and hardware power-down, allowing a kthread worker to read hardware registers after autosu...
CVE-2026-43229
In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix device cleanup order to prevent kernel panic Move video device unregistration to the beginning of the remove function to ensure all video operations are stopped before cleaning up the worker thread...
CVE-2026-43127
In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario: 1. ntfsextendmft takes ni-file.runlock then...
Linux Distros Unpatched Vulnerability : CVE-2026-43141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntb: ntbhwswitchtec: Fix shift-out-of-bounds for 0 mw lut Number of MW LUTs depends on NTB configuration and can be set to zero, in such scenario...
CVE-2026-31758
The CVE-2026-31758 entry affects the Linux kernel usbtmc implementation. The vulnerability arises when releasing USB Test & Measurement Channels: pending anchored URBs are not flushed or killed during usbtmc_release, allowing use-after-free conditions (notably in the Host Controller Driver giveba...
EUVD-2026-26571
In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors e.g. in the HCD giveback path. Call usbtmcdrawdown to allow anchored...
PT-2026-36393
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free error exists in the usbtmc release function. This occurs because pending anchored URBs USB Request Blocks are not properly flushed or killed, which can lead to memory...
Linux Distros Unpatched Vulnerability : CVE-2026-31691
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling...
CVE-2026-31691
In the Linux kernel, the following vulnerability has been resolved: igb: remove napisynchronize in igbdown When an AFXDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igbcleanrxirqzc repeatedly returns the full budget,...
CVE-2026-31691
The CVE-2026-31691 vulnerability affects the Linux kernel igb driver. It describes a race where igb_down() calls napi_synchronize() before napi_disable(), causing a hang: napi_synchronize() waits on NAPI_STATE_SCHED that never clears, blocking TX and leaving the TX queue stalled. The fix removes ...
PT-2026-35497
In the Linux kernel, the following vulnerability has been resolved: igb: remove napi synchronize in igb down When an AF XDP zero-copy application terminates abruptly e.g., kill -9, the XSK buffer pool is destroyed but NAPI polling continues. igb clean rx irq zc repeatedly returns the full budget,...
CVE-2026-7014
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...
EUVD-2026-25690
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...
CVE-2026-7014 MaxSite CMS down_count Plugin cross site scripting
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...
CVE-2026-7014 MaxSite CMS down_count Plugin cross site scripting
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component downcount Plugin. This manipulation of the argument ffile/fprefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading...
PT-2026-35195
A flaw has been found in MaxSite CMS up to 109.3. This vulnerability affects unknown code of the component down count Plugin. This manipulation of the argument f file/f prefix causes cross site scripting. The attack may be initiated remotely. The exploit has been published and may be used...
CVE-2026-31655
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOCHDCP clock enabled Keep the NOCHDCP clock always enabled to fix the potential hang caused by the NoC ADB400 port power down handshake...
CVE-2026-31655
CVE-2026-31655 affects the Linux kernel’s pmdomain: imx8mp-blk-ctrl module, where the NOC_HDCP clock must be kept enabled. The underlying issue is an inconsistent clock state that can disrupt the NoC ADB400 port power‑down handshake, potentially causing a system hang. Reported impact is a DoS-lik...
CVE-2026-31655 pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled
In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8mp-blk-ctrl: Keep the NOCHDCP clock enabled Keep the NOCHDCP clock always enabled to fix the potential hang caused by the NoC ADB400 port power down handshake...