1725 matches found
CVE-2026-53122
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
BIT-GRAFANA-2026-10601 Path Traversal in Tempo and Loki Data Source Plugins — Credential Leakage and Admin Endpoint Access
The Tempo and Loki datasource plugins construct backend HTTP requests by interpolating user-supplied input into URL paths without sanitization, enabling path traversal. A Viewer-role user can: 1 capture admin-configured datasource credentials secureJsonData custom headers by traversing to an...
SUSE CVE-2026-53175
In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...
SUSE CVE-2026-53201
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...
CVE-2026-53201
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...
UBUNTU-CVE-2026-53201
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...
UBUNTU-CVE-2026-53175
In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...
UBUNTU-CVE-2026-53235
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
EUVD-2026-39326
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
CVE-2026-53235 net: add pskb_may_pull() to skb_gro_receive_list()
In the Linux kernel, the following vulnerability has been resolved: net: add pskbmaypull to skbgroreceivelist skbgroreceivelist calls skbpullskb, skbgrooffsetskb without first ensuring the data is in the linear area via pskbmaypull. When the skb arrives via napigrofrags, skbheadlen can be 0 all...
CVE-2026-53201 Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend"
In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...
CVE-2026-53175 inet: frags: fix use-after-free caused by the fqdir_pre_exit() flush
In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...
CVE-2026-53175
In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...
Linux Distros Unpatched Vulnerability : CVE-2026-53122
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a...
PT-2026-52271
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists during network namespace teardown. The function fqdir pre exit flushes incomplete fragment queues via inet frag queue flush, which frees queued socket buffe...
CVE-2026-53049
In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...
CVE-2026-53122
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...
CVE-2026-53049
CVE-2026-53049 affects the Linux kernel GFS2 component. The root cause is that gfs2_logd() called log-flushing routines (gfs2_ail1_start(), gfs2_ail1_wait(), gfs2_ail1_empty()) without holding sdp->sd_log_flush_lock, exposing a risk of race conditions with concurrent transactions. The patch in...
EUVD-2026-38917
In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...
CVE-2026-53049 gfs2: add some missing log locking
In the Linux kernel, the following vulnerability has been resolved: gfs2: add some missing log locking Function gfs2logd calls the log flushing functions gfs2ail1start, gfs2ail1wait, and gfs2ail1empty without holding sdp-sdlogflushlock, but these functions require exclusion against concurrent...