Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: nfs4setupreaddir: Insufficient locking for -dparent-d inode dereferencing. Theoretically, this could lead to an oops error due to a race condition, but I don’t believe anyone would actually exploit this vulnerability on real...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: bpf: Tell memcg to use allowspinning=false path in bpftimerinit Currently, calling bpfmapkmallocnode from bpfasyncinit can cause various locking issues; see the following stack trace edited for style as one example: ... 10.011566...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: ksmbd: Fixed a race condition in the RPC handle list access mechanism. The sess-rpchandlelist XArray manages RPC handles within a ksmbd session. Access to this list is intended to be protected by sess-rpclock a rwsemaphore...

Schneider Electric Zigbee Products

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. https://www.se.com/us/en/download/document/7EN52-0390/ Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install...

PT-2026-2541

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel’s ksmbd component has an issue related to inconsistent locking when accessing the m flags field within the vfs cache. Specifically, some code paths read and modify m fla...

ROS-20260113-7380

A vulnerability in the drivers/nvme/host component of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Linux Distros Unpatched Vulnerability : CVE-2025-68809

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ksmbd: vfs: fix race on mflags in vfscache ksmbd maintains delete-on-close and pending-delete state in ksmbdinode-mflags. In vfscache.c this field is accessed...

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

EUVD-2026-1926

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

CVE-2026-22050

CVE-2026-22050 affects NetApp ONTAP 9.16.1 (before 9.16.1P9) and 9.17.1 (before 9.17.1P2) when snapshot locking is enabled. A privileged remote attacker could set the snapshot expiry time to none. This is supported by multiple connected documents (ONTAP advisory NTAP-20260112-0001 and Nessus/PT-S...

CVE-2026-22050

ONTAP versions 9.16.1 prior to 9.16.1P9 and 9.17.1 prior to 9.17.1P2 with snapshot locking enabled are susceptible to a vulnerability which could allow a privileged remote attacker to set the snapshot expiry time to none...

kernel: Bluetooth: MGMT: Fix possible UAFs

A flaw was found in the Linux kernel’s Bluetooth management subsystem net/bluetooth/mgmt.c. The mgmtpending structure may be freed while still being processed, or remain on the pending command list, which allows a use-after-free or double-free scenario. An attacker with local access to the system...

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

ROS-20260112-7331

A vulnerability in the ext4xattrsetentry function of the fs/ext4/xattr.c module of the Ext4 file system of the Linux kernel is related to insufficient locking of a resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260112-7333

A vulnerability in the mt7921macresetwork function of the drivers/net/wireless/mediatek/mt76/mt7921/mac.c module of the Linux operating system kernel is related to insufficient resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260112-7344

A vulnerability in the ks8851irq function of the drivers/net/ethernet/micrel/ks8851common.c module of the Linux operating system kernel is related to insufficient resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

PT-2026-2286

Name of the Vulnerable Software and Affected Versions ONTAP versions 9.16.1 through 9.16.1P9 ONTAP versions 9.17.1 through 9.17.1P2 Description ONTAP systems with snapshot locking enabled may allow a privileged remote attacker to modify the snapshot expiry time to none. Recommendations Update to...

ROS-20260112-7315

A vulnerability in the fecsetmacaddress function of the drivers/net/ethernet/freescale/fecmain.c module of the Linux operating system kernel is related to insufficient resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...