Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE CVE-2026-23401 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriti...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize the iterator. BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g., the bpfforeach macro ignores error returns from new...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: bcache: Fixed the abuse of variable-length arrays in btreeiter. btreeiter is used in two ways: either allocated on the stack with a fixed size MAXBSETS, or from a mempool with a dynamic size based on the specific cache set...

CVE-2026-43439

In the Linux kernel, the following vulnerability has been resolved: cgroup: fix race between task migration and iteration When a task is migrated out of a cssset, cgroupmigrateaddtask first moves it from cset-tasks to cset-mgtasks via: listmovetail&task-cglist, &cset-mgtasks; If a csstaskiter...

CVE-2026-43439 cgroup: fix race between task migration and iteration

In the Linux kernel, the following vulnerability has been resolved: cgroup: fix race between task migration and iteration When a task is migrated out of a cssset, cgroupmigrateaddtask first moves it from cset-tasks to cset-mgtasks via: listmovetail&task-cglist, &cset-mgtasks; If a csstaskiter...

CVE-2026-43439

In the Linux kernel, the following vulnerability has been resolved: cgroup: fix race between task migration and iteration When a task is migrated out of a cssset, cgroupmigrateaddtask first moves it from cset-tasks to cset-mgtasks via: listmovetail&task-;cglist, &cset-;mgtasks; If a csstaskiter...

Gramps Web API: Private Sub-Object Data in Non-Private Objects Exposed to Guest Users

Summary Users with the Guest role could receive private sub-object data e.g. private alternate names, private addresses, private note/citation/media handles through list API endpoints such as GET /api/people/, GET /api/places/, GET /api/events/, and all other object list endpoints. This does not...

webpki: CRLs not considered authoritative by Distribution Point due to faulty matching logic

If a certificate had more than one distributionPoint, then only the first distributionPoint would be considered against each CRL's IssuingDistributionPoint distributionPoint, and then the certificate's subsequent distributionPoints would be ignored. The impact was that correct provided CRLs would...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock bsc1245723...

SUSE-SU-2026:0475-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. - CVE-2025-38129: pagepool: fix inconsistency for pagepoolringlock bsc1245723...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of unsafe loop iterators that could lead to reuse after release...

PT-2025-51637

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A regression was introduced in the Linux kernel due to a commit 995412e23bb2 related to SCSI core functionality and tag iterators. This regression is triggered by the scsi host busy...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to use safelist iterators, which could lead to reuse after release...

EUVD-2022-0695

Malicious code in bioql PyPI...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the use of unlocked iterators when updating the page table by SDMA, which could lead to warnings or data...

Fetch streams are great, but not for measuring upload/download progress

Part of my role at Mozilla is making sure we're focusing on the right features, and we got onto the topic of fetch upload streams. It's something Chrome has supported for a while, but it isn't yet supported in either Firefox or Safari. I asked folks on various social platforms what they thought o...

Linux Distros Unpatched Vulnerability : CVE-2025-38012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and...

SUSE CVE-2025-38012

In the Linux kernel, the following vulnerability has been resolved: schedext: bpfiterscxdsqnew should always initialize iterator BPF programs may call next and destroy on BPF iterators even after new returns an error value e.g. bpfforeach macro ignores error returns from new. bpfiterscxdsqnew cou...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from uninitialized iterators that could lead to null pointer dereferencing...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Chipsets, which stems from the fact that accessing removed iterators while processing a data structure could result in memory corruption...