187 matches found
EUVD-2026-40983
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrack: destroy stale expectfn expectations on unregister NAT helpers such as nfnath323 store a raw pointer to module text in exp-expectfn e.g. ipnatq931expect. nfcthelperexpectfnunregister only unlinks the callba...
SUSE-SU-2026:22436-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-68822: Input: alps - fix use-after-free bugs caused by...
SUSE-SU-2026:22433-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...
SUSE-SU-2026:22458-1 Security update for the Linux Kernel
The SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs bsc1266290. - CVE-2025-38549: efivarfs: Fix memory leak of efivarfsfsinfo in...
netfilter: nft_ct: fix missing expect put in obj eval
...
CVE-2026-52970
A flaw was found in the netfilter: nftct component of the Linux kernel. The nftctexpectobjeval function allocates an expectation but fails to release its local reference. This oversight leads to a resource leak, which could potentially allow a local attacker to cause a denial of service by...
CVE-2026-52970
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...
CVE-2026-52970 netfilter: nft_ct: fix missing expect put in obj eval
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...
CVE-2026-52970
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...
ALSA-2026:21557 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: j1939: j1939sessionnew: fix skb reference counting CVE-2024-56645 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: mm: thp: deny...
Astra Linux - Vulnerability in Golang-1.19
The net/http HTTP/1.1 client mishandled the situation where a server responds to a request with an “Expect: 100-continue” header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, causing the next request sent on that connection to...
Malicious code in jest-expect (npm)
Part of the Mini Shai-Hulud supply chain attack campaign in which a threat actor compromised the npm account atool and published 631 malicious versions across 314 npm packages in an automated 22-minute burst. Each malicious version injects a preinstall hook that executes a 498KB obfuscated Bun...
@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)
fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-FIXEDROUND-16754972...
@join-com/jest-matchers (>=1.0.0 <=1.0.1), jest-expect (=0.0.1) +1 more potentially affected by unknown CVE via fixed-round (=1.0.2)
fixed-round NPM version =1.0.2 is affected by a known vulnerability. The following packages have a transitive dependency on fixed-round and may be impacted: - @join-com/jest-matchers =1.0.0, =0.0.1, =0.0.2 Source cves: unknown CVE Source advisory: SNYK:JS-FIXEDROUND-16754804...
@join-com/jest-matchers (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via jest-expect (=0.0.1)
jest-expect NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on jest-expect and may be impacted: - @join-com/jest-matchers =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-JESTEXPECT-16755085...
@join-com/jest-matchers (>=1.0.0 <=1.0.1) potentially affected by unknown CVE via jest-expect (=0.0.1)
jest-expect NPM version =0.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on jest-expect and may be impacted: - @join-com/jest-matchers =1.0.0, =1.0.1 Source cves: unknown CVE Source advisory: SNYK:JS-JESTEXPECT-16754916...
SUSE CVE-2026-43116
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...
EUVD-2026-27641
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...
CVE-2026-43116
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...
CVE-2026-43116 netfilter: ctnetlink: ensure safe access to master conntrack
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go away, making exp-master invalid. To access exp-master safely: - Grab the...