php: Fix of 2 CVEs

CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...

CLSA-2026-1778788198 Fix of 6 CVEs

SECURITY UPDATE: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - debian/patches/CVE-2026-7258.patch: fix out-of-bounds read in urldecode via signed-char to ctype.h GHSA-m8rr-4c36-8gq4 - CVE-2026-7258 SECURITY UPDATE: fix stale SOAPGLOBAL refmap pointer with...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: xdp: use flags field to disambiguate broadcast redirect When redirecting a packet using XDP, the bpfredirectmap helper will set up the redirect destination information in struct bpfredirectinfo using the bpfxdpredirectmap helper...

`IterMut` violates Stacked Borrows by invalidating internal pointer

Affected versions of this crate contain a soundness issue in the IterMut iterator implementation. The IterMut::next and IterMut::nextback methods temporarily create an exclusive reference to the key when dereferencing the internal node pointer. This invalidates the shared pointer held by the...

CVE-2025-68187 net: mdio: Check regmap pointer returned by device_node_to_regmap()

In the Linux kernel, the following vulnerability has been resolved: net: mdio: Check regmap pointer returned by devicenodetoregmap The call to devicenodetoregmap in airohamdioprobe can return an ERRPTR if regmap initialization fails. Currently, the driver stores the pointer without validation,...

kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer

A vulnerability was found in the Linux kernel. A potential double-free in the pointer ha-vpmap exists in the Linux kernel in drivers/scsi/qla2xxx/qlaos.c...

kernel: scsi: qla2xxx: Fix double free of the ha->vp_map pointer

A vulnerability was found in the Linux kernel. A potential double-free in the pointer ha-vpmap exists in the Linux kernel in drivers/scsi/qla2xxx/qlaos.c...

SUSE CVE-2024-36937

In the Linux kernel, the following vulnerability has been resolved: xdp: use flags field to disambiguate broadcast redirect When redirecting a packet using XDP, the bpfredirectmap helper will set up the redirect destination information in struct bpfredirectinfo using the bpfxdpredirectmap helper...

CVE-2024-36937

In the Linux kernel, the following vulnerability has been resolved: xdp: use flags field to disambiguate broadcast redirect When redirecting a packet using XDP, the bpfredirectmap helper will set up the redirect destination information in struct bpfredirectinfo using the bpfxdpredirectmap helper...

SUSE CVE-2024-26930

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha-vpmap pointer Coverity scan reported potential risk of double free of the pointer ha-vpmap. ha-vpmap was freed in qla2x00memalloc, and again freed in function qla2x00memfreeha. Assign NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a double release vulnerability in the ha-vpmap pointer...

Linux: eBPF verifier log leaks lower half of map pointer

When the eBPF verifier kernel/bpf/verifier.c runs in verbose mode, it dumps all processed instructions to a user-accessible buffer in human-readable form using printbpfinsn. For instructions with class BPFLD and mode BPFIMM, it prints the raw 32-bit value: else if class == BPFLD if BPFMODEinsn-co...

Linux Kernel 4.11 - eBPF Verifier Log Leaks Lower Half of map Pointer

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1251 When the eBPF verifier kernel/bpf/verifier.c runs in verbose mode, it dumps all processed instructions to a user-accessible buffer in human-readable form using printbpfinsn. For instructions with class BPFLD and mode BPFIMM,...