CVE-2026-45870

A flaw was found in the Linux kernel's SUNRPC Sun Remote Procedure Call authentication GSS Generic Security Service module. This vulnerability occurs due to memory leaks in the XDR eXternal Data Representation decoding error paths within functions like gssxdecctx, gssxdecstatus, and gssxdecname...

SUSE CVE-2026-46034

In the Linux kernel, the following vulnerability has been resolved: vfio/cdx: Fix NULL pointer dereference in interrupt trigger path Add validation to ensure MSI is configured before accessing cdxirqs array in vfiocdxsetmsitrigger. Without this check, userspace can trigger a NULL pointer...

SUSE CVE-2026-46040

In the Linux kernel, the following vulnerability has been resolved: inotify: fix watch count leak when fsnotifyaddinodemarklocked fails When fsnotifyaddinodemarklocked fails in inotifynewwatch, the error path calls inotifyremovefromidr but does not call decinotifywatches to undo the preceding...

SUSE CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

SUSE CVE-2026-46053

In the Linux kernel, the following vulnerability has been resolved: net: rds: fix MR cleanup on copy error rdsrdmamap hands sg/pages ownership to the transport after getmr succeeds. If copying the generated cookie back to user space fails after that point, the error path must not free those...

SUSE CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

CVE-2026-45871

A flaw was found in the Linux kernel's Trusted Platform Module TPM subsystem. When the getburstcount function encounters an error, the st33zp24 driver fails to release a previously acquired resource. This oversight can lead to resource exhaustion, potentially allowing a local attacker to cause a...

CVE-2026-45878

A flaw was found in the Linux kernel's AMD KFD Kernel Fusion Driver component. A local user could exploit a boundary error in the debug address watch v2 functionality by providing a specially crafted watchid. This could lead to a buffer overflow, potentially allowing memory access outside of...

CVE-2026-45904

A flaw was found in the Linux kernel's PowerPC Enhanced Error Handling EEH driver. This issue involves a recursive locking mechanism where the system attempts to acquire a Peripheral Component Interconnect PCI bus lock multiple times. This can lead to a system deadlock, causing unresponsiveness a...

CVE-2026-45920

A flaw was found in the Linux kernel's ext4 filesystem. This vulnerability allows a local user to trigger an inconsistency in the dirty clusters count during filesystem shutdown. The issue stems from a double decrement in the error handling path, which can lead to system instability and a denial ...

CVE-2026-45939

A flaw was found in the Linux kernel's gpib module. Improper error handling within the niusbinit function can lead to a memory leak. This occurs when the niusbsetupinit function fails to initialize, causing an allocated buffer to not be freed. Over time, this could result in reduced system...

Samba 操作系统命令注入漏洞

Samba is an open-source suite of standard Windows interoperability programs for Linux and Unix systems. Samba has a vulnerability related to operating system command injection, which stems from the incorrect escaping of shell metacharacters when the “check password” script uses the %u character...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of flow-allowed pointer operations in the ASoC SOF, potentially leading to a zero overflow err...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a memory leak in device names within EDAC/versalnet...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an cleanup error in manadestroywqobj within manaibcreateqprss. This vulnerability may lead to double...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper error handling in the drm/msm/gem module. This vulnerability may lead to null pointer...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the setupgeo function in md raid10 not verifying that farcopies is zero, potentially leading to a zero...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect implementation of the isguestmode function in KVM x86’s slow refresh supercall...

Linux Distros Unpatched Vulnerability : CVE-2026-46010

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix error handling in rxgkextracttoken Fix a missing bit of error handling in rxgkextracttoken: in the event that rxgkdecryptskb returns -ENOMEM, it shou...

PT-2026-44490

Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description A logic error in the validation of expiration timestamps allows a time-bounded access token to remain usable after its intended validity window has closed. This enables an unauthenticated acto...