CVE-2026-43143

In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfdofnodelist' to prevent possible crashes...

CVE-2026-43143 mfd: core: Add locking around 'mfd_of_node_list'

In the Linux kernel, the following vulnerability has been resolved: mfd: core: Add locking around 'mfdofnodelist' Manipulating a list in the kernel isn't safe without some sort of mutual exclusion. Add a mutex any time we access / modify 'mfdofnodelist' to prevent possible crashes...

CVE-2026-43143

In the Linux kernel, CVE-2026-43143 fixes a concurrency issue in the multi-function device (mfd) core: access/modification of the mfd_of_node_list was not mutex-protected, risking unsafe list manipulation and potential crashes. The fix adds a mutex to guard this list, reducing crash likelihood. P...

CVE-2026-43127 ntfs3: fix circular locking dependency in run_unpack_ex

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario: 1. ntfsextendmft takes ni-file.runlock then...

CVE-2026-43127

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario: 1. ntfsextendmft takes ni-file.runlock then...

CVE-2026-43127

CVE-2026-43127 concerns the Linux kernel ntfs3 component, where a circular locking dependency between wnd->rw_lock and ni->file.run_lock creates an AB-BA deadlock. The deadlock scenario: ntfs_extend_mft() acquires ni->file.run_lock then wnd->rw_lock; run_unpack_ex() acquires wnd->r...

CVE-2026-43127

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The deadlock scenario: 1. ntfsextendmft takes ni-file.runlock then...

SUSE CVE-2026-43023

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: fix race conditions in scosockconnect scosockconnect checks skstate and sktype without holding the socket lock. Two concurrent connect syscalls on the same socket can both pass the check and enter scoconnect,...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper use of the tcon field in the cifs driver’s locking mechanism. This vulnerability may lead to...

Linux Distros Unpatched Vulnerability : CVE-2026-43127

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntfs3: fix circular locking dependency in rununpackex Syzbot reported a circular locking dependency between wnd-rwlock sbi-used.bitmap and ni-file.runlock. The...

PT-2026-37984

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against...

Linux Distros Unpatched Vulnerability : CVE-2026-43116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go awa...

PT-2026-37467

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A circular locking dependency exists in the ntfs3 component, specifically within the run unpack ex function. This issue occurs due to an AB-BA deadlock scenario where ntfs extend mft...

PT-2026-37487

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the Linux kernel when sriov del vfs is called as part of pci stop and remove bus device. This happens because the system recursively attempts to acquire the pci resc...

Linux Distros Unpatched Vulnerability : CVE-2026-43147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV This reverts commit 05703271c3cd PCI/IOV: Add PCI rescan-remove locking when...

PT-2026-37603

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference can occur in the wave5 chips-media component when multiple instances are created and destroyed, leading to frequent interrupts and the removal of decoder...

PT-2026-37483

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A lack of mutual exclusion when manipulating the mfd of node list list in the kernel can lead to potential system crashes. This occurs because accessing or modifying the list without...

PT-2026-37777

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against...

Linux Distros Unpatched Vulnerability : CVE-2026-43215

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cifs: Fix locking usage for tcon fields We used to use the cifstcpseslock to protect a lot of objects that are not just the server, ses or tcon lists. We later...

PT-2026-37555

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the CIFS component where cifs tcp ses lock was used to protect various objects, including tcon fields, instead of using more granular locks. This caused unnecessary...