CLSA-2026-1773668222 Fix CVE(s): CVE-2026-24481

SECURITY UPDATE: heap information disclosure in PSD handler - debian/patches/CVE-2026-24481.patch: zero-initialize pixel buffer in ReadPSDChannelZip to prevent heap info leak when ZIP-compressed layer data decompresses to fewer bytes than expected - CVE-2026-24481...

Linux Distros Unpatched Vulnerability : CVE-2024-26791

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string...

LSN-0111-1 Kernel Live Patch Security Notice

It was discovered that the watchqueue event notification system contained an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or escalate their privileges.CVE-2022-0995 In the Linux kernel, the following vulnerability has been resolved: smb: client:...

kernel: HID: core: zero-initialize the report buffer

A vulnerability was found in the Linux kernel's driver for Human Interface Devices. This flaw allows an attacker to use a malicious input device to read information from the report buffer. This could be used to leak kernel memory, enabling the exploitation of additional vulnerabilities...