442846 matches found
CVE-2026-52937
CVE-2026-52937 details a stack information leak in the Linux kernel related to the macvtap mac address path. In tap_ioctl() for SIOCGIFHWADDR, the code copies 16 bytes from an uninitialized on-stack sockaddr_storage to userspace via ifr_hwaddr. The implementation only writes sa_family and dev->...
CVE-2026-52936
The CVE-2026-52936 entry describes a Linux kernel fix in crypto/jitterentropy where the jent_kcapi_random() path previously held a spinlock across jent_read_entropy(), causing potential stalls during entropy generation. The vulnerability arises because this spinlock protected an expensive operati...
CVE-2026-52935
The CVE-2026-52935 entry concerns the Linux kernel xfrm/espintcp code. The issue arises from reusing an in-progress partial transmit state (ctx->partial) when building a new sk_msg, where espintcp_sendmsg() may prematurely reuse the live partial if espintcp_push_msgs() reports success while a ...
CVE-2026-52932
In the Linux kernel, CVE-2026-52932 fixes an issue in the xfrm: ipcomp path where destination pages could leak on acomp errors. The patch moves the out_free_req label to ensure the allocated destination SG list is freed on error as well as on success, preventing a potential resource leak. The des...
CVE-2026-52933
CVE-2026-52933 affects the Linux kernel’s io_uring/poll path. The vulnerability stems from a signed comparison in io_poll_get_ownership(): it compares an atomic_read(&req->poll_refs) against IO_POLL_REF_BIAS using signed arithmetic. If the IO_POLL_CANCEL_FLAG (BIT(31)) is set, the read value b...
CVE-2026-52930
The CVE concerns the Linux kernel’s shared memory (ipc/shm) subsystem, specifically the orphan cleanup path. The vulnerability arises because shm_destroy_orphaned() traverses shm IDs under shm_ids(ns).rwsem but shm_nattch can be updated while holding shm_perm.lock, and attach paths may modify it ...
CVE-2026-52929
The CVE-2026-52929 entry concerns the Linux kernel SCTP stream handling. When ADD_OUT_STREAMS is denied, the scheduler may leave removed stream metadata behind, enabling a later re-add to reuse a stale ext and trigger a null-pointer dereference in the scheduler get path. The fix tears down the re...
CVE-2026-52919
Affects: the Linux kernel’s batman-adv component. The issue arises in batadv_tp_sender_shutdown where the atomic counter labeled “sending” is unconditionally decremented. If multiple call paths occur, the counter can underflow to -1. Because the sender logic treats any non-zero value as active, a neg...
CVE-2026-52918
The CVE-2026-52918 entry affects the Linux kernel Bluetooth code. Specifically, bt_sock_poll() traverses the accept_q queue without synchronization, while a child teardown can unlink the same socket and drop its last reference, enabling a race between polling and socket teardown. The documented f...
CVE-2026-52914
CVE-2026-52914 concerns the Linux kernel’s batman-adv fragment reassembly path. The vulnerability arises from how a running payload length for queued fragments is accumulated and used to validate a fragment chain; the length accounting could be truncated during updates, allowing malformed fragmen...
Important: Red Hat Security Advisory: python3.14 security, bug fix, and enhancement update
An update for python3.14 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...
Moderate: Red Hat Security Advisory: libxslt security update
An update for libxslt is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from t...
kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...
ROOT-OS-DEBIAN-13-CVE-2026-22989 CVE-2026-22989 in rootio-linux - Patched by Root
Root has patched CVE-2026-22989 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23321 CVE-2026-23321 in rootio-linux - Patched by Root
Root has patched CVE-2026-23321 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-46032 CVE-2026-46032 in rootio-linux - Patched by Root
Root has patched CVE-2026-46032 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-45840 CVE-2026-45840 in rootio-linux - Patched by Root
Root has patched CVE-2026-45840 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23290 CVE-2026-23290 in rootio-linux - Patched by Root
Root has patched CVE-2026-23290 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23396 CVE-2026-23396 in rootio-linux - Patched by Root
Root has patched CVE-2026-23396 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23312 CVE-2026-23312 in rootio-linux - Patched by Root
Root has patched CVE-2026-23312 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...