EUVD-2026-32223

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in niusbinit In niusbinit, if niusbsetupinit fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, niusbsetupinit returns 0 on failure, whic...

CVE-2025-15649

IO::Uncompress::Unzip versions before 2.215 for Perl propagate uncaught exception when parsing zip header with malformed DOS date. dosToUnixTime decodes the local-file-header last-modification date field and calls Time::Local::timelocal without an eval guard. A header whose date field decodes to ...

PT-2026-43806

In the Linux kernel, the following vulnerability has been resolved: gpib: Fix memory leak in ni usb init In ni usb init, if ni usb setup init fails, the function returns -EFAULT without freeing the allocated writes buffer, leading to a memory leak. Additionally, ni usb setup init returns 0 on...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: efivarfs: fixed error propagation in efivarentryget The efivarentryget function always returns a success value, even if the underlying efivarentryget function fails, thereby masking errors. This may result in uninitialized heap...

CVE-2026-43357

In the Linux kernel, the following vulnerability has been resolved: iio: gyro: mpu3050-core: fix pmruntime error handling The return value of pmruntimegetsync is not checked, allowing the driver to access hardware that may fail to resume. The device usage count is also unconditionally incremented...

CVE-2026-43348

In the Linux kernel, the following vulnerability has been resolved: mshvvtl: Fix vmemmapshift exceeding MAXFOLIOORDER When registering VTL0 memory via MSHVADDVTL0MEMORY, the kernel computes pgmap-vmemmapshift as the number of trailing zeros in the OR of startpfn and lastpfn, intending to use the...

CVE-2026-43348

In the Linux kernel, the following vulnerability has been resolved: mshvvtl: Fix vmemmapshift exceeding MAXFOLIOORDER When registering VTL0 memory via MSHVADDVTL0MEMORY, the kernel computes pgmap-vmemmapshift as the number of trailing zeros in the OR of startpfn and lastpfn, intending to use the...

SUSE CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

EUVD-2026-27749

In the Linux kernel, the following vulnerability has been resolved: ceph: do not propagate page array emplacement errors as batch errors When fscrypt is enabled, movedirtyfolioinpagearray may fail because it needs to allocate bounce buffers to store the encrypted versions of each folio. Each foli...

EUVD-2026-27698

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

CVE-2026-43139

In the Linux kernel, the following vulnerability has been resolved: xfrm6: fix uninitialized saddr in xfrm6getsaddr xfrm6getsaddr does not check the return value of ipv6devgetsaddr. When ipv6devgetsaddr fails to find a suitable source address returns -EADDRNOTAVAIL, saddr-in6 is left uninitialize...

CVE-2026-43139

The CVE-2026-43139 entry concerns the Linux kernel xfrm6 subsystem. The issue arises in xfrm6_get_saddr() which does not check the return value of ipv6_dev_get_saddr(); when ipv6_dev_get_saddr() fails with -EADDRNOTAVAIL, saddr->in6 remains uninitialized and xfrm6_get_saddr() incorrectly retur...

SUSE CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

PT-2026-37479

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The xfrm6 get saddr function fails to check the return value of ipv6 dev get saddr. If ipv6 dev get saddr cannot find a suitable source address and returns -EADDRNOTAVAIL, the saddr-in6...

EUVD-2026-27365

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

CVE-2026-43066

CVE-2026-43066: In Linux kernel ext4_fc_replay_inode(), iloc.bh leak could occur on error paths due to missing brelse at several failure points. The patch adds an out_brelse label before the existing out label to ensure iloc.bh is released, and also makes ext4_fc_replay_inode() propagate errors i...

CVE-2026-43066

In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...

PT-2026-37069

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the ext4 file system within the ext4 fc replay inode function. The function calls ext4 get fc inode loc to obtain the inode location, which creates a reference to...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: cifs: Return the correct error code from smb2getenckey Avoid a warning if the error is passed back up: 440700.376476 CIFS VFS: \otters.example.com cryptmessage: Could not get encryption key 440700.386947 ------------ Cut here...