2337 matches found
EUVD-2026-24916
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
CVE-2026-31525
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
CVE-2026-31525
CVE-2026-31525 concerns the Linux kernel BPF interpreter’s signed 32-bit division/modulo (sdiv32/smod32). The issue arises from using abs() on s32 operands, which is undefined for S32_MIN, causing incorrect results that can mismatch verifier behavior and enable out-of-bounds map access. A fix int...
CVE-2026-31525 bpf: Fix undefined behavior in interpreter sdiv/smod for INT_MIN
In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...
Linux Distros Unpatched Vulnerability : CVE-2026-31525
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32...
PT-2026-34430
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6 Linux kernel versions prior to 6.12 Linux kernel versions prior to 6.18 Linux kernel versions prior to 6.19 Description A mismatch between the BPF verifier and the BPF interpreter in the Linux kernel allows f...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from undefined behavior during the processing of INTMIN by the BPF interpreter sdiv/smod. This...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011253)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011253 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in 1, a platform firmwar...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability that stems from the sockrecfrominto method in asyncio, where the nbytes parameter lacks a data buffer boundary check. This could lead to out-of-buffer writing when the amount o...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011208)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011208 advisory. In the Linux kernel, the following vulnerability has been resolved: fs/binfmtelf: Fix memory leak in loadelfbinary There is a memory leak reported by kmemleak:...
[SECURITY] Fedora 42 Update: python3.12-3.12.13-3.fc42
Python 3.12 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.12 package provides the "python3.12" executable:...
[SECURITY] Fedora 42 Update: python3.11-3.11.15-4.fc42
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
GHSA-VFP4-8X56-J7C5 OpenClaw: Exec environment denylist missed high-risk interpreter startup variables
Summary Exec environment denylist missed high-risk interpreter startup variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact The exec environment policy missed interpreter startup variables such as VIMINIT, EXINIT, LUAINIT, and...
OpenClaw: Exec environment denylist missed high-risk interpreter startup variables
Summary Exec environment denylist missed high-risk interpreter startup variables. Affected Packages / Versions - Package: openclaw - Ecosystem: npm - Affected versions: = 2026.4.10 Impact The exec environment policy missed interpreter startup variables such as VIMINIT, EXINIT, LUAINIT, and...
[SECURITY] Fedora 42 Update: perl-5.40.4-520.fc42
Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...
[SECURITY] Fedora 43 Update: python3.15-3.15.0~a8-1.fc43
Python 3.15 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.15 package provides the "python3.15" executable:...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from incomplete mitigation measures for CVE-2026-4519, potentially leading to command injection attacks...
UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns
A previously undocumented threat cluster dubbed UAT-10362 has been attributed to spear-phishing campaigns targeting Taiwanese non-governmental organizations NGOs and suspected universities to deploy a new Lua-based malware called LucidRook. "LucidRook is a sophisticated stager that embeds a Lua...
CVE-2026-34217
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the scope hierarchy to...
CVE-2026-34217 SandboxJS has a Sandbox Escape via Prop Object Leak in New Handler
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, a scope modification vulnerability exists in @nyariv/sandboxjs. The vulnerability allows untrusted sandboxed code to leak internal interpreter objects through the new operator, exposing sandbox scope objects in the scope hierarchy to...