29728 matches found
Fedora 42 : cef (2026-68ca733984)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-68ca733984 advisory. Update to cef-144.0.11+ge135be2 + chromium 144.0.7559.96 rhbz2432335 CVE-2026-1220: Race in V8 CVE-2026-0899: Out of bounds memory access in V8...
nightfury
NightFury Framework Version 2.0 | Professional Red Team Ope...
SUSE CVE-2025-71188
In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent...
SUSE CVE-2025-71189
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...
SUSE CVE-2026-23033
In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...
CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
CVE-2025-71190
In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind...
CVE-2025-71189
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...
CVE-2026-23033
CVE-2026-23033 concerns the Linux kernel's dmaengine/omap-dma subsystem. The issue is a resource leak where the dma_pool created by dma_pool_create() is not destroyed if dma_async_device_register() or of_dma_controller_register() fails, leaving a leak in probe error paths. The remediation in the ...
CVE-2026-23026 dmaengine: qcom: gpi: Fix memory leak in gpi_peripheral_config()
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...
CVE-2026-23026
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...
CVE-2026-23026
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...
CVE-2025-71191 dmaengine: at_hdmac: fix device leak on of_dma_xlate()
In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 "dmaengine: athdmac...
CVE-2025-71188
CVE-2025-71188 affects the Linux kernel DMA engine path for the lpc18xx-dmamux component, where a reference leak to the platform device during route allocation could occur. The fix drops the reference after looking up the DMA mux platform device, mitigating the leak. OSV entries show Root:Ubuntu ...
CVE-2025-71186
In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent i...
CVE-2026-23016 inet: frags: drop fraglist conntrack references
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
PT-2026-5519
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nf conntrack cleanup net list to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce...
OESA-2026-1264 thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6.CVE-2025-14321 Sandbox escape due to incorrect boundary conditions in...
CVE-2025-26385
Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command Command Injection Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects Metasys: Application and Data Server ADS installed...
SUSE CVE-2026-23881
Kyverno is a policy engine designed for cloud native platform engineering teams. Versions prior to 1.16.3 and 1.15.3 have unbounded memory consumption in Kyverno's policy engine that allows users with policy creation privileges to cause denial of service by crafting policies that exponentially...