163 matches found
PT-2026-34893
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix trace marker copy link list updates When the "copy trace marker" option is enabled for an instance, anything written into /sys/kernel/tracing/trace marker is also copied into that instances buffer. When the option is...
Inspektor Gadget uses unsanitized ANSI Escape Sequences In `columns` Output Mode
Description String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged – partially or completely – event payload, coming from an observed container, might inject the...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013368)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013368 advisory. In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading tracepipe Soft lockup occurs when reading file...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011094)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011094 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at cod...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006955)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006955 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/hist: Fix out-of-bound write on 'actiondata.varrefidx' When generate a synthetic event wi...
tracing/dma: Cap dma_map_sg tracepoint arrays to prevent buffer overflow
...
CVE-2026-23390
In the Linux kernel, the following vulnerability has been resolved: tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large scatter-gather lists. With devices like virtio-gpu creating large DRM buffers,...
CVE-2026-23309 tracing: Add NULL pointer check to trigger_data_free()
In the Linux kernel, the following vulnerability has been resolved: tracing: Add NULL pointer check to triggerdatafree If triggerdataalloc fails and returns NULL, eventhisttriggerparse jumps to the outfree error path. While kfree safely handles a NULL pointer, triggerdatafree does not. This cause...
CVE-2026-23309
CVE-2026-23309 refers to a Linux kernel vulnerability in the tracing subsystem. The issue was a NULL pointer dereference in trigger_data_free() when data->cmd_ops->set_filter is evaluated after a failed trigger_data_alloc() and returning NULL. The root cause was that trigger_data_free() did...
Auditing MCP Servers for Over-Privileged Tool Capabilities
The Model Context Protocol MCP has emerged as a standard for connecting Large Language Models LLMs to external tools and data. However, MCP servers often expose privileged capabilities, such as file system access, network requests, and command execution that can be exploited if not properly...
CVE-2026-23217
CVE-2026-23217 relates to the Linux kernel on RISC-V where tracing the sbi_ecall functions can cause a deadlock in the snapshot path. The root cause is that sbi_ecall triggers a ringbuffer snapshot which may re-enter __sbi_ecall via an IPI, creating an endless loop when initial __sbi_ecall is pre...
SUSE CVE-2026-23138
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
Siemens SIMATIC S7-1500 Out-of-bounds Read (CVE-2025-39683)
In the Linux kernel, the following vulnerability has been resolved: tracing: Limit access to parser-buffer when tracegetuser failed When the length of the string written to setftracefilter exceeds FTRACEBUFFMAX, the following KASAN alarm will be triggered: BUG: KASAN: slab-out-of-bounds in...
CVE-2026-23138
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
CVE-2026-23138 tracing: Add recursion protection in kernel stack trace recording
In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...
CVE-2026-25996
CVE-2026-25996 affects Inspektor Gadget. The vulnerability arises because string fields from eBPF events in the columns output mode are rendered to the terminal without sanitizing control characters or ANSI escape sequences, enabling injection via crafted event payloads. Affected surface includes...
CVE-2026-23088 tracing: Fix crash on synthetic stacktrace field usage
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix crash on synthetic stacktrace field usage When creating a synthetic event based on an existing synthetic event that had a stacktrace field and the new synthetic event used that field a kernel crash occurred: cd...
EUVD-2026-5454
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix crash on synthetic stacktrace field usage When creating a synthetic event based on an existing synthetic event that had a stacktrace field and the new synthetic event used that field a kernel crash occurred: cd...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39890:...
CVE-2025-71125 tracing: Do not register unsupported perf events
In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...