CVE-2026-23282 smb: client: fix oops due to uninitialised var in smb2_unlink()

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to uninitialised var in smb2unlink If SMB2openinit or SMB2closeinit fails e.g. reconnect, the iovs set @rqst will be left uninitialised, hence calling SMB2openfree, SMB2closefree or smb2setrelated on the...

UBUNTU-CVE-2026-23263

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix page array leak d9f595b9a65e "iouring/zcrx: fix leaking pages on sg init fail" fixed a page leakage but didn't free the page array, release it as well...

CVE-2026-0029

CVE-2026-0029 involves memory corruption in __pkvm_init_vm (pkvm.c) of the kernel, caused by a logic error, enabling local privilege escalation with no user interaction required. The initial description provides no exploitation details, no patch/version info, and no remediation steps. Connected d...

GIMP 安全漏洞

GIMP is an open-source bitmap image editor developed by the GIMP team. GIMP has a security vulnerability that stems from improper memory initialization during the parsing of PGM files, which may lead to remote code execution...

SUSE CVE-2026-23041

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer crash in bnxtptpenable during error cleanup When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error path calls bnxtfreehwrmresources which destroys the DMA pool and...

CVE-2026-23076 ALSA: ctxfi: Fix potential OOB access in audio mixer handling

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004849)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004849 advisory. In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Fix incorrect assignment of signed error value to unsigned fwlevel Though...

CVE-2026-21913

CVE-2026-21913 affects Juniper Networks Junos OS on EX4000-48T, EX4000-48P and EX4000-48MP. The vulnerability is an incorrect initialization of the Internal Device Manager (IDM) that allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). A high volume of traffic dir...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly initializing the number of elements before accessing an array, which could result in an...

SUSE-SU-2026:20064-1 Security update for libpcap

This update for libpcap fixes the following issues: - CVE-2025-11961: missing validation of provided MAC-48 address string in pcapetheraton can lead to out-of-bounds read and write bsc1255765. - CVE-2024-8006: missing return value check in pcapfindalldevsex can lead to NULL pointer dereference...

PT-2026-27647

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the SMB2 implementation of the Linux kernel where uninitialized variables within the smb2 unlink function can lead to system crashes oops. Specifically, if SMB2 open ini...

PT-2026-8135

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the bpf subsystem, specifically within the test run functionality. A failure to properly account for the size of the xdp frame structure when...

CVE-2023-54217 Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an uninstall interrupt that may cause a null pointer dereference when the DPU controller is not used or was...

CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

UBUNTU-CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

CVE-2025-68249 most: usb: hdm_probe: Fix calling put_device() before device initialization

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

CVE-2025-68204 pmdomain: arm: scmi: Fix genpd leak on provider registration failure

In the Linux kernel, the following vulnerability has been resolved: pmdomain: arm: scmi: Fix genpd leak on provider registration failure If ofgenpdaddprovideronecell fails during probe, the previously created generic power domains are not removed, leading to a memory leak and potential kernel cra...

SUSE CVE-2023-53837

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

PT-2025-49696

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the ath11k module related to handling disconnected Wi-Fi peers. Specifically, a failure log occurs when attempting to find a peer with an ID of ...