Insecure Default Initialization of Resource

Overview Affected versions of this package are vulnerable to Insecure Default Initialization of Resource due to insecure default SSH server configuration, which advertises weak or deprecated key exchange, MAC, and host key algorithms. An attacker can compromise the confidentiality and integrity o...

EUVD-2026-24862

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

EUVD-2026-24852

In the Linux kernel, the following vulnerability has been resolved: hwmon: pmbus/core Protect regulator operations with mutex The regulator operations pmbusregulatorgetvoltage, pmbusregulatorsetvoltage, and pmbusregulatorlistvoltage access PMBus registers and shared data but were not protected by...

CVE-2026-31492

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Initialize freeqp completion before using it In irdmacreateqp, if ibcopytoudata fails, it will call irdmadestroyqp to clean up which will attempt to wait on the freeqp completion, which is not initialized yet. Fix thi...

CVE-2026-31498 Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdulen infinite loop l2capconfigreq processes CONFIGREQ for channels in BTCONNECTED state to support L2CAP reconfiguration e.g. MTU changes. However, since both CONFINPUTDONE and...

CVE-2026-31450 ext4: publish jinode after initialization

In the Linux kernel, the following vulnerability has been resolved: ext4: publish jinode after initialization ext4inodeattachjinode publishes ei-jinode to concurrent users. It used to set ei-jinode before jbd2journalinitjbdinode, allowing a reader to observe a non-NULL jinode with ivfsinode still...

CVE-2026-31439 dmaengine: xilinx: xdma: Fix regmap init error handling

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap init error handling devmregmapinitmmio returns an ERRPTR upon error, not NULL. Fix the error check and also fix the error message. Use the error code from ERRPTR instead of the wrong value in r...

CVE-2026-31435 netfs: Fix read abandonment during retry

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix read abandonment during retry Under certain circumstances, all the remaining subrequests from a read request will get abandoned during retry. The abandonment process expects the 'subreq' variable to be set to the place...

CVE-2026-31435

Summary: CVE-2026-31435 affects the Linux kernel netfs read-abandonment path during retries. The root cause is an uninitialized/invalid subreq pointer used in the abandonment flow, which can lead to abandoning remaining subrequests incorrectly and may cause a kernel oops/DoS. Several connected ad...

EUVD-2026-24622

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

CVE-2026-41665

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

CVE-2026-41665

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

CVE-2026-41665

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

CVE-2026-41665

CVE-2026-41665 describes an integer overflow in the scratch buffer initialization size calculation within Samsung Open Source ONE, leading to incorrect memory initialization for large intermediate tensors. Affected versions are prior to commit 1.30.0. CVSS v3.1 base score 6.1 (Medium) with local ...

CVE-2026-41665

Integer overflow in scratch buffer initialization size calculation in Samsung Open Source ONE cause incorrect memory initialization for large intermediate tensors. Affected version is prior to commit 1.30.0...

ONE 输入验证错误漏洞

ONE is a high-performance edge-side neural network inference framework developed by Samsung. Versions of ONE prior to 1.30.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows during the calculation of the temporary buffer’s initial siz...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013832)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013832 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix race of buffer access at PCM OSS layer The PCM OSS layer tries to clear the buffer...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013846)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013846 advisory. In the Linux kernel, the following vulnerability has been resolved: Input: uinput - zero-initialize uinputffuploadcompat to avoid info leak Struct ffeffectcompat is...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013526)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013526 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible leaked pernet namespace in smcinit In smcinit,...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013849)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013849 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/omap: dss: Fix refcount leak bugs In dssinitports and dssuninitports, we should call ofnodepu...