Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from illegal access to the PF limit register by VF in the libwx library. This vulnerability may lead t...

Oracle Database Server Net Service 安全漏洞

Oracle Database Server Net Service is a database network communication and connection management service component provided by Oracle Corporation. Versions 23.4.0 to 23.26.2 of Oracle Database Server Net Service contain security vulnerabilities. These vulnerabilities stem from issues with the Net...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from out-of-bounds read accesses and infinite loops in the hcilecreatebigcompleteevt function. This...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a needthisblock check when the llbitmap bitmap status in the md/raid5 driver is not...

SUSE CVE-2026-43345

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CHCCNTXT0 to CHCCNTXT1. The v5.0 register definition intended to define this field in the CHCCNTXT1 fmask array but...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of disabling preemption between the scxclaimexit and trigger-assisted work processes,...

CVE-2026-42310

A flaw was found in Pillow, a Python imaging library. A remote attacker could supply a specially crafted malicious PDF file, causing the application to hang indefinitely and consume 100% CPU. This vulnerability leads to a Denial of Service DoS, making the application unresponsive...

PT-2026-40314

Pillow is a Python imaging library. From version 4.2.0 to before version 12.2.0, an attacker can supply a malicious PDF that causes the process to hang indefinitely, consuming 100% CPU and making the application unresponsive. This issue has been patched in version 12.2.0...

Continuous Discovery of Vulnerabilities in LLM Serving Systems with Fuzzing

LLM inference and serving systems have become security-critical infrastructure; however, many of their most concerning failures arise from the serving layer rather than from model behavior alone. Modern inference engines combine KV cache, batching, prefix sharing, speculative decoding, adapters,...

Pillow 安全漏洞

Pillow is an open-source image processing library developed by Pillow. Versions of Pillow from 4.2.0 to 12.2.0 contained security vulnerabilities. These vulnerabilities were due to malicious PDFs, which could cause processes to hang indefinitely, consume 100% of the CPU resources, and render the...

CVE-2026-43363

A flaw was found in the Linux kernel. When resuming from suspend to RAM s2ram, the system's firmware may incorrectly re-enable x2apic mode, even if the kernel had previously disabled it. This mismatch causes the kernel to operate with an incompatible interface, leading to system hangs and a Denia...

EUVD-2026-28735

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Use usbbulkmsgkillable with user-specified timeouts The usbtmc driver accepts timeout values specified by the user in an ioctl command, and uses these timeouts for some usbbulkmsg calls. Since the user can specify...

UBUNTU-CVE-2026-43314

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 "blk-mq: move failure injection out of blkmqcompleterequest", drivers are responsible for calling blkshouldfaketimeout at appropriate code paths and...

CVE-2026-43345

Summary: The CVE concerns the Linux kernel IPA driver. For IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to CH_C_CNTXT_1. The register definition intended to define this field in CH_C_CNTXT_1 but used the old identifier ERINDEX instead of CH_ERINDEX, causing an incorrect event rin...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which arises from the possibility that scxenable may be infinitely starved during fair class saturation, leading to syst...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the threaded busypoll mechanism, causing rcu tasks to become stalled and potentially leading to system...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the inability of the g1 and g2 VPUs in the verisilicon driver to decode simultaneously, potential...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ata: patavia: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device attached, it can also...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel, which stems from a failure to process a DBC de-activation transaction in the qaic driver after a user leaves, which could...

Linux Distros Unpatched Vulnerability : CVE-2026-31465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - writeback: don't block sync for filesystems with no data integrity guarantees Add a SBINODATAINTEGRITY superblock flag for filesystems that cannot guarantee dat...