CVE-2026-43409

CVE-2026-43409 affects the Linux kernel kprobes subsystem: when ftrace is disabled due to errors, removing a module that uses kprobes can crash the system because kprobes_ftrace_disabled is not correctly handled. Root cause: kprobe_ftrace_disabled flag mishandling in __disarm_kprobe_ftrace(). Mit...

CVE-2026-43409

In the Linux kernel, the following vulnerability has been resolved: kprobes: avoid crash when rmmod/insmod after ftrace killed After we hit ftrace is killed by some errors, the kernel crash if we remove modules in which kprobe probes. BUG: unable to handle page fault for address: fffffbfff805000d...

CVE-2026-23372

In the Linux kernel, the following vulnerability has been resolved: nfc: rawsock: cancel txwork before socket teardown In rawsockrelease, cancel any pending txwork and purge the write queue before orphaning the socket. rawsocktxwork runs on the system workqueue and calls nfcdataexchange which...

io_uring: check if iowq is killed before queuing

...

PT-2025-31070

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.16.0-rc4-syzkaller-g7482bb149b9f Description The Linux kernel contained a null-pointer dereference issue within the l2cap sock resume cb function, identified by syzbot. This issue stemmed from a potential acces...

PT-2025-30843

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s DRM scheduler where scheduled fences may not be properly signaled when a job is killed. This can occur when a job from one application depends on a...

AZL-68550 CVE-2024-56709 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: iouring: check if iowq is killed before queuing task work can be executed after the task has gone through iouring termination, whether it's the final taskwork run or the fallback path. In this case, task work will find -iowq bein...

CVE-2022-48994

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

First Israel’s Exploding Pagers Maimed and Killed. Now Comes the Paranoia

The explosion of thousands of rigged pagers and walkie-talkies will likely make Hezbollah operatives fear any means of electronic communication. It’s having the same effect on the Lebanese population...

SUSE CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

Podman vulnerable to memory-based denial of service

A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources...

DEBIAN-CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

AZL-54098 CVE-2024-42135 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

UBUNTU-CVE-2024-42135

In the Linux kernel, the following vulnerability has been resolved: vhosttask: Handle SIGKILL by flushing work and exiting Instead of lingering until the device is closed, this has us handle SIGKILL by: 1. marking the worker as killed so we no longer try to use it with new virtqueues and new flus...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a vulnerability in the vhosttask module that should be handled by marking a job as killed when a SIGKILL...

Crossplane-runtime contains Improper Input Validation via Compositions

Summary Fuzz testing, by Ada Logics and sponsored by the CNCF, identified a vulnerability in the fieldpath package from crossplane/crossplane-runtime that an already highly privileged Crossplane user able to create or update Compositions could leverage to cause an out of memory panic in Crossplan...

GHSA-V829-X6HH-CQFQ Crossplane-runtime contains Improper Input Validation via Compositions

Summary Fuzz testing, by Ada Logics and sponsored by the CNCF, identified a vulnerability in the fieldpath package from crossplane/crossplane-runtime that an already highly privileged Crossplane user able to create or update Compositions could leverage to cause an out of memory panic in Crossplan...

Code injection

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. In affected versions an already highly privileged user able to create or update Compositions can specify an arbitrarily high index in a patch's ToFieldPath, which could lead to...

CVE-2023-27484 Unchecked fieldpath index in Composition's patches can lead to arbitrary memory allocation in crossplane

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. In affected versions an already highly privileged user able to create or update Compositions can specify an arbitrarily high index in a patch's ToFieldPath, which could lead to...