27998 matches found
CVE-2026-43109
In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstkpopsigframe doesn't check for errors from mmapreadlockkillable, which is a silly oversight, and also shows that we haven't marked those functions with...
CVE-2026-43107
In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including XFRMAIFID when x-ifid is set. xfrmaeventmsgsize does not include space for...
CVE-2026-43085
CVE-2026-43085: In the Linux kernel, nfnetlink_log did not initialize the nfgenmsg payload when emitting NLMSG_DONE terminators while batching multiple NFLOG messages, leaking four bytes of stale heap data to userspace. The issue is fixed by using nfnl_msg_put() to build the NLMSG_DONE terminator...
SUSE CVE-2026-31758
In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Flush anchored URBs in usbtmcrelease When calling usbtmcrelease, pending anchored URBs must be flushed or killed to prevent use-after-free errors e.g. in the HCD giveback path. Call usbtmcdrawdown to allow anchored...
SUSE CVE-2026-43017
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate mesh send advertising payload length meshsend currently bounds MGMTOPMESHSEND by total command length, but it never verifies that the bytes supplied for the flexible advdata array actually match the...
PT-2026-37513
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A kernel NULL pointer dereference occurs in the xscale ethernet component. The function ixp4xx get ts info calls ixp46x ptp find unconditionally, even though PTP Precision Time Protocol...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the schedule variable being set to NULL in the error path of ipvsaddservice. As a result, a null...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that xfrmpolicyfini does not wait for the RCU reader to complete before releasing the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ntfs3 file system’s failure to handle the attrsetsize function error when truncating files,...
PT-2026-37577
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the amdgpu gem va ioctl function where the fence was selected too early and its reference was not managed correctly. This leads to refcount underflows and the use of...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking for the return value of in6devget in the ioam6fillTraceData function. This...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of boundary checks in the fwmboxindexxlate function, potentially leading to out-of-bound...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the fact that the VMLOAD/VMSAVE emulation in KVM nSVM does not always utilize vmcb01, potentially...
Linux Distros Unpatched Vulnerability : CVE-2026-43107
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: account XFRMAIFID in aevent size calculation xfrmgetae allocates the reply skb with xfrmaeventmsgsize, then buildaevent appends attributes including...
PT-2026-37622
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionic query port The function ionic query port calls ib device get netdev without checking the return value which could lead to NULL pointer dereference, Fix it by checking th...
PT-2026-37404
In the Linux kernel, the following vulnerability has been resolved: ixgbevf: add missing negotiate features op to Hyper-V ops table Commit a7075f501bd3 "ixgbevf: fix mailbox API compatibility by negotiating supported features" added the .negotiate features callback to ixgbe mac operations and...
PT-2026-37479
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The xfrm6 get saddr function fails to check the return value of ipv6 dev get saddr. If ipv6 dev get saddr cannot find a suitable source address and returns -EADDRNOTAVAIL, the saddr-in6...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an overflow in the range size calculation in the tcfskbedithash function. This vulnerability may...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the processmetadataupdate function in the md-cluster module. This function derefreshes a null...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the srcugpstartifneeded function in tiny SRCU directly calling schedulework. This could lead to...