xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

xorg: xwayland: X.Org X server: Information disclosure or Denial of Service via out-of-bounds read in XKB modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...

SUSE CVE-2026-45682

OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking never removes keys from its insertion-order queue when entries are deleted. In long-running...

SUSE CVE-2026-46247

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46247

A flaw was found in the Linux kernel's GFX3D clock driver. This vulnerability can lead to a system crash when the GFX3D clock rate is being determined. The issue stems from an incorrect parent map that fails to provide the necessary clock information, resulting in a Denial of Service DoS for the...

CVE-2026-46247

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

EUVD-2026-34110

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: clear stale link mapping of ahvif-linksmap When an arvif is initialized in non-AP STA mode but MLO connection preparation fails before the arvif is created arvif-iscreated remains false, the error path attempts to...

CVE-2026-46247 clk: qcom: gfx3d: add parent to parent request map

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46247

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

EUVD-2026-34109

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: gfx3d: add parent to parent request map After commit d228ece36345 "clk: divider: remove roundrate in favor of determinerate" determining GFX3D clock rate crashes, because the passed parent map doesn't provide the...

CVE-2026-46247

Summary: CVE-2026-46247 affects the Linux kernel gfx3d clock driver. The root cause was an incorrect parent map during GFX3D clock rate determination, which prevented the best_parent_hw from being provided, leading to a crash. The fix adds the missing field in the parent request mapping (in addit...

OPENSUSE-SU-2026:20896-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CreateSaverWindow Use-After-Free Information Disclosure. bsc1266301 - DRI2 DRIGetBuffers/DRIGetBuffersWithFormat Out-Of-Bounds Write. bsc1266302 - Font Alias Stack-based Buffer Overflow. bsc1266294 - GLX ChangeDrawableAttributes...

MiracleLinux 8 : php:8.2 (AXSA:2026-752:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-752:01 advisory. PHP: PHP: Denial of Service via improper handling of signed characters in ctype functions CVE-2026-7258 PHP: PHP-FPM: PHP-FPM: Cross-Site Scripting...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ath12k wireless driver failing to clear outdated mappings in ahvif-linksmap when connecting...

Linux Distros Unpatched Vulnerability : CVE-2026-45908

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix memory leak in amdxdnaubufmap The amdxdnaubufmap function allocates memor...

PT-2026-46010

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A crash occurs when determining the GFX3D clock rate. This is caused by the passed parent map failing to provide the expected best parent hw clock after the removal of round rate in favo...

PT-2026-46011

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ath12k wifi driver where a stale link mapping is retained in ahvif-links map. This occurs when an arvif is initialized in non-AP STA mode but MLO connection...

Linux Distros Unpatched Vulnerability : CVE-2026-45967

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: bpf: Return proper address for non- zero offsets in insn array The mapdirectvalueaddr functi...