73815 matches found
SUSE CVE-2026-43045
In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshvregionpin The current error handling has two issues: First, pinuserpagesfast can return a short pin count less than requested but greater than zero when it cannot pin all requested pages. This is...
SUSE CVE-2026-43063
In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...
SUSE CVE-2026-43066
In the Linux kernel, the following vulnerability has been resolved: ext4: fix iloc.bh leak in ext4fcreplayinode error paths During code review, Joseph found that ext4fcreplayinode calls ext4getfcinodeloc to get the inode location, which holds a reference to iloc.bh that must be released via brels...
SUSE CVE-2026-43072
In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platformgetirqbyname returns an int platformgetirqbyname will return a negative value if an error happens, so it should be checked and not just passed directly into devmrequestthreadedirq hoping all will be ok...
[SECURITY] Fedora 44 Update: pyOpenSSL-26.1.0-1.fc44
High-level wrapper around a subset of the OpenSSL library, includes among oth ers SSL.Connection objects, wrapping the methods of Python's portable sockets Callbacks written in Python Extensive error-handling mechanism, mirroring OpenSSL's error codes...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from bypassing the RDSCONNERROR state during the handling of RDS connection status. This may lead to abnorma...
PT-2026-37566
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Reliable Delivery Service RDS implementation where a shortcut was introduced allowing connections to transition from RDS CONN ERROR directly back to RDS CONN...
PT-2026-37541
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the APEI/GHES component where the system may attempt to access memory beyond allocated boundaries when the BIOS generates an incomplete or very small ARM Processor...
PT-2026-37542
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description In the fbdev component, specifically within the vt8500lcdfb driver, the fbi-fb.screen buffer is allocated using the dma alloc coherent function but is not properly released via dma free...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure to check the length of error records in the cperprintfwerr module. This vulnerability...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the improper handling of the error handling path in the pcislottrylock function. This issue...
PT-2026-37617
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the APEI/GHES component where the ghes new function fails to properly validate the size of CPER records. While the logic prevents allocating records larger than GHES...
PT-2026-37491
In the Linux kernel, the following vulnerability has been resolved: Revert "media: iris: Add sanity check for stop streaming" This reverts commit ad699fa78b59241c9d71a8cafb51525f3dab04d4. Revert the check that skipped stop streaming when the instance was in IRIS INST ERROR, as it caused multiple...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a symbolic error in the smbdirectpreparenegotiation function within ksmbd. This vulnerability may...
PT-2026-37558
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the tw9903 probe function. In a specific error path, memory allocated by v4l2 ctrl handler init and v4l2 ctrl new std is not properly released. Recommendations At...
PT-2026-37456
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null-pointer dereference can occur in the bcm vk read function. When the entry pointer is NULL and the rc variable is set to -EMSGSIZE, the system attempts to access to h msg, usr msg...
PT-2026-37448
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the rtw register hw function within the rtw88 wifi driver. This occurs because supported bands are not properly freed during the error path. The issue is addresse...
PT-2026-37658
A vulnerability in an identity management API endpoint of Cisco ISE could allow an unauthenticated, remote attacker to enumerate valid user accounts on an affected device. This vulnerability exists because error messages are observed when the affected API endpoint is called. An attacker could...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the KVM x86 architecture’s failure to handle the -EBUSY error when checking nested events,...
PT-2026-38274
Name of the Vulnerable Software and Affected Versions Flight versions prior to 3.18.1 Description The default error handler Engine:: error writes the full exception message, exception code, and stack trace, including absolute filesystem paths, directly into the HTTP 500 response without debug...