PT-2026-48332

Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handle dht get, the DhtResults accumulator is only initialized when the first DHT record passes verification. If the first record fails from a malicious DHT...

CVE-2026-24085

Memory Corruption when processing display command line information due to improper initialization of a variable...

CVE-2026-24085 Stack-based Buffer Overflow in Display

Memory Corruption when processing display command line information due to improper initialization of a variable...

CVE-2026-46209

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

EUVD-2026-32891

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

Astra Linux - уязвимость в sox

In SoX 14.4.2, there is an assertion failure in rateinit in rate.c in libsox.a...

CVE-2026-43344

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix die ID init and look up bugs In snbeppci2phymapinit, in the nrnodeids 8 path, uncoredevicetodie may return -1 when all CPUs associated with the UBOX device are offline. Remove the WARNONONCEdieid == -1...

SUSE CVE-2026-43221

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: initialise event handler read bytes IPMB doesn't use i2c reads, but the handler needs to set a value. Otherwise an i2c read will return an uninitialised value from the bus driver...

CVE-2025-71294 drm/amdgpu: fix NULL pointer issue buffer funcs

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, bufferfuncs will not initialize, fix the null pointer issue if bufferfuncs not initialized...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Initialize the listhead of the restricted pool when SWIOTLBDYNAMIC=y. Using restricted DMA pools CONFIGDMARESTRICTEDPOOL=y in conjunction with dynamic SWIOTLB CONFIGSWIOTLBDYNAMIC=y leads to the following crash during...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: ti-vpe: cal: Fixed a NULL pointer dereference in calctxv4l2initformats. In calctxv4l2initformats, devmkzalloc is assigned to ctx-activefmt. There follows a dereference of ctx-activefmt, which could lead to a NULL pointer...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: crypto: afalg – Fixed an issue where initialisation was missing, affecting gcm-aes-s390. Fixed the afalgallocareq function to initialize areq-firstrsgl.sgl.sgt.sgl to point to the scatterlist array in areq-firstrsgl.sgl.sgl...

Astra Linux – Vulnerability in Linux 5.10

The nftablesnewset function in net/netfilter/nftablesapi.c in the Linux kernel before version 5.12.13 allows local users to cause a denial of service due to NULL pointer dereferencing and general protection faults, caused by the absence of initialization for nftsetelemexpralloc. A local user can...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vdpasimblk: The number of address spaces and virtqueue groups was set. The commit bda324fd037a “vdpasim: control virtqueue support” added two new fields nas, ngroups to vdpasimdevattr, but we forgot to initialize them for...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an incorrect enumeration of the SPDIF1 type during DAIO initialization in the ALSA ctxfi driver, which could...

staging: rtl8723bs: initialize le_tmp64 in rtw_BIP_verify()

...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007580)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007580 advisory. In the Linux kernel, the following vulnerability has been resolved: jfs: fix uninitialized waitqueue in transaction manager The transaction manager initialization in...

EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2026-1393)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization. When a token...

Security update for gimp

This update for gimp fixes the following issues: CVE-2026-2044: lack of proper initialization of memory can allow remote attackers to execute arbitrary code bsc1258532. CVE-2026-2045: check offset in the colormap is valid before using it bsc1258533. CVE-2026-2048: lack of proper validation of...

kernel: Linux kernel: irqchip/gic-v2m use-after-free vulnerability

A flaw was found in the Linux kernel's irqchip/gic-v2m component. This vulnerability allows a use-after-free condition via gicv2mgetfwnode being wrongly marked as init, causing it to be freed while still registered with the PCI Peripheral Component Interconnect subsystem during a PCI host bridge...