Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from uninitialized arrays and could lead to cleanup logic errors...

ROS-20260114-7330

A vulnerability in the dommap function of the Linux operating system kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260114-7307

A vulnerability in the sockmaplookupsys function of the net/core/sockmap.c module of the Linux kernel is related to synchronization errors when using a shared resource . Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability of protected...

ROS-20260114-7326

A vulnerability in the hcicblist function of the Linux kernel Bluetooth driver is related to synchronization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001704)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001704 advisory. In mmcblkreadsingle of block.c, there is a possible way to read kernel heap memory due to uninitialized data. This could lead to local information disclosure if...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : PHP vulnerabilities (USN-7953-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7953-1 advisory. It was discovered that PHP incorrectly handled memory while reading images in multi-chunk mode. An...

CVE-2025-71092 RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()

In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxtre: Fix OOB write in bnxtrecopyerrstats Commit ef56081d1864 "RDMA/bnxtre: RoCE related hardware counters update" added three new counters and placed them after BNXTREOUTOFSEQERR. BNXTREOUTOFSEQERR acts as a boundary mark...

CVE-2025-71092

Summary : The CVE-2025-71092 entry corresponds to a Linux kernel issue in RDMA/bnxt_re where an OOB write occurred during hw_stats allocation in bnxt_re_copy_err_stats(). The root cause was that three counters (BNXT_RE_REQ_CQE_ERROR, BNXT_RE_RESP_CQE_ERROR, BNXT_RE_RESP_REMOTE_ACCESS_ERRS) were a...

CVE-2025-68785 net: openvswitch: fix middle attribute validation in push_nsh() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

CVE-2026-0878

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0878

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0879

CVE-2026-0879 is a sandbox escape in the Graphics component that affects Firefox and Thunderbird prior to certain versions. Concrete details from connected documents show: the vulnerability is described as a Sandbox escape due to incorrect boundary conditions in the Graphics component, affecting ...

CVE-2026-0878 Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component. This vulnerability was fixed in Firefox 147, Firefox ESR 140.7, Thunderbird 147, and Thunderbird 140.7...

CVE-2026-0878

CVE-2026-0878 describes a sandbox escape caused by incorrect boundary conditions in the Graphics: CanvasWebGL component. Affected: Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, Thunderbird

MiracleLinux 8 : firefox-128.11.0-1.el8_10.ML.1 (AXSA:2025-9974:19)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2025-9974:19 advisory. firefox: thunderbird: Clickjacking vulnerability could have led to leaking saved payment card details CVE-2025-5267 firefox: thunderbird: Potential...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a lack of consistent lock protection for access to the mflags field, which could lead to data contention and...

ROS-20260113-7314

A vulnerability in the kvmarchvcpuioctl function of the arch/x86/kvm/x86.c module of the Linux operating system kernel is related to synchronization errors when using a shared resource. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integrity and availability o...

ROS-20260113-7360

A vulnerability in the drivers/gpu/drm/amd/display component of the Linux operating system kernel is related to synchronization errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260113-7354

A vulnerability in the Linux operating system kernel is related to state management errors. Exploiting the vulnerability could allow an attacker to cause a denial of service...

Mozilla -- multiple vulnerabilities

Incorrect boundary conditions in the Graphics component. Use-after-free in the IPC component. Sandbox escape due to integer overflow in the Graphics component. Sandbox escape due to incorrect boundary conditions in the Graphics component. Mitigation bypass in the DOM: Security component...