8663 matches found
CVE-2026-46139
CVE-2026-46139 relates to the Linux kernel Samba SMB ACL handling. A kmalloc’ed security descriptor buffer left the 2-byte reserved field uninitialized, because the code wrote fields with le16() but did not touch the reserved Sbz2 slot. If this field contained non-zero slab garbage, Samba could r...
CVE-2026-46139 smb: client: use kzalloc to zero-initialize security descriptor buffer
In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d "smb: common: change the data type of numaces to le16" split struct smbacl's le32 numaces field into le16 numaces and le16 reserved. The...
EUVD-2026-32763
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...
CVE-2026-46136
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...
CVE-2026-46135
CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...
EUVD-2026-32762
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...
CVE-2026-46135 nvmet-tcp: fix race between ICReq handling and queue teardown
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...
EUVD-2026-32761
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...
CVE-2026-46134
Summary: CVE-2026-46134 affects the Linux kernel, specifically the Thunderbolt path under platform/chrome for CrosEC Type-C. The root cause was that in cros_typec_register_thunderbolt(), the adata->lock mutex was not initialized, which can lead to a NULL dereference when the mutex is later acq...
CVE-2026-46134 platform/chrome: cros_ec_typec: Init mutex in Thunderbolt registration
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...
EUVD-2026-32891
In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...
SUSE CVE-2025-71311
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longestmatchstd, invoked from ntfscompresswrite. When new folios are allocated without being marked uptodate and nireadframe is skipped because th...
SUSE CVE-2026-45977
In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...
CVE-2026-45926
A flaw was found in the Linux kernel. When initializing a Pulse Width Modulation PWM chip, a memory leak can occur if the pwmchipalloc function fails. This happens because the allocated pwmchip's initial reference is not properly released, leading to unmanaged memory consumption. This vulnerabili...
CVE-2026-45936
A flaw was found in the Linux kernel's goldfish power supply driver. A race condition during driver removal or initialization can lead to a use-after-free vulnerability. This allows an interrupt to access a freed or uninitialized power supply handle, which can cause the system to crash, resulting...
CVE-2026-45939
A flaw was found in the Linux kernel's gpib module. Improper error handling within the niusbinit function can lead to a memory leak. This occurs when the niusbsetupinit function fails to initialize, causing an allocated buffer to not be freed. Over time, this could result in reduced system...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the incorrect use of RCU in the mlx4srqevent function within RDMA mlx4. This vulnerability may le...
Electerm 安全漏洞
Electerm is a SSH/SFTP client developed by ZXDong262 of China, based on Electron. Versions of Electerm prior to 3.9.5 contained security vulnerabilities. These vulnerabilities stemmed from the use of a fixed-zero IV, a constant KDF salt, and no MAC generation in the deterministic AES-192-CBC...
PT-2026-44304
In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4 srq event Sashiko points out the radix tree itself is RCU safe, but nothing ever frees the mlx4 srq struct with RCU, and it isn't even accessed within the RCU critical section. It also will...
PT-2026-44257
In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros ec typec: Init mutex in Thunderbolt registration cros typec register thunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in cros typec...