EUVD-2026-26653

In the Linux kernel, the following vulnerability has been resolved: scsi: target: tcmloop: Drain commands in targetreset handler tcmlooptargetreset violates the SCSI EH contract: it returns SUCCESS without draining any in-flight commands. The SCSI EH documentation scsieh.rst requires that when a...

CVE-2026-43034

In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...

CVE-2026-43034 bnxt_en: set backing store type from query type

In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...

CVE-2026-43034

Root cause CVE-2026-43034: in the bnxt_en driver of the Linux kernel, ctxm->type is populated from the firmware response (resp->type) and later used to index fixed backing-store metadata arrays, risking memory corruption. The fix changes ctxm->type to come from the current loop variable ...

EUVD-2026-26633

In the Linux kernel, the following vulnerability has been resolved: bnxten: set backing store type from query type bnxthwrmfuncbackingstoreqcapsv2 stores resp-type from the firmware response in ctxm-type and later uses that value to index fixed backing-store metadata arrays such as ctxarr and...

EUVD-2026-26628

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcprecvmsg syzbot reported a soft lockup in mptcprecvmsg 0. When receiving data with MSGPEEK | MSGWAITALL flags, the skb is not removed from the skreceivequeue. This causes skwaitdata to always find...

EUVD-2026-26597

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pxp: Clear restart flag in pxpstart after jumping back If we don't clear the flag we'll keep jumping back at the beginning of the function once we reach the end. cherry picked from commit...

CVE-2026-31784

CVE-2026-31784 affects the Linux kernel, specifically the drm/xe/pxp component. The issue arises in pxp_start where a restart flag is not cleared, causing the function to potentially loop back to the start after reaching the end. This has been resolved by cherry-picking a fix from commit 0850ec7b...

CVE-2026-31778

Summary: CVE-2026-31778 affects the Linux kernel ALSA caiaq driver (init_card) and is caused by an off-by-one in a whitespace-stripping loop that copies a card id. The 16-byte local buffer can be filled without leaving space for the terminating null, causing a non-null-terminated string to be pas...

EUVD-2026-26512

In the Linux kernel, the following vulnerability has been resolved: writeback: Fix use after free in inodeswitchwbsworkfn inodeswitchwbsworkfn has a loop like: wbgetnewwb; while 1 list = llistdelall&newwb-switchwbsctxs; / Nothing to do? / if !list break; ... process the items ... Now adding of...

NSEC3 closest-encloser proof validation enters unbounded loop on cross-zone responses

The NSEC3 closest-encloser proof validation in hickory-proto's DnssecDnsHandle walks from the QNAME up to the SOA owner name, building a list of candidate encloser names. The iterator used assumes the QNAME is a descendant of the SOA owner, terminating only when the current candidate equals the S...

Infinite loop

Overview Affected versions of this package are vulnerable to Infinite loop when processing circular policy references. An attacker can cause denial of service by submitting malicious policy documents containing circular references. Remediation Upgrade org.apache.neethi:neethi to version 3.2.2 or...

SUSE CVE-2026-5407

SMB2 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

SUSE CVE-2026-6519

MBIM protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

SUSE CVE-2026-6534

USB HID protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

SUSE CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the failure to clear the reboot flag in the drm/xe PXP driver, which could lead to an infinite loop...

PT-2026-36471

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The tcm loop target reset function violates the SCSI Error Handler EH contract by returning success without draining in-flight commands. This allows the SCSI EH to reuse scsi cmnd...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the tcmlooptargetreset function failing to empty executing commands as required by the SCSI EH, which could...

Wireshark 2.0.x < 2.0.13 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.0.13. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.0.13 advisory. - In Wireshark 2.2.0 to 2.2.6 and 2.0.0 to 2.0.12, the RGMP dissector could crash. This was addressed in...