PT-2026-39122

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description DMA mapping error handling issues exist in the aml sfc dma buffer setup function. These include an unnecessary jump during the first DMA mapping failure, a double-unmap bug where sfc-dad...

PT-2026-39123

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the emac tx mem map function where DMA Direct Memory Access mappings—a method allowing hardware to access system memory independently of the CPU—were leaked when a...

PT-2026-39106

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the e1000 and e1000e drivers during DMA Direct Memory Access error cleanup. When an error occurs while mapping TX buffers, the driver fails to correctly unmap all...

PT-2026-38995

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel within the perf/x86/intel/uncore component regarding die ID initialization and lookup. In the snbep pci2phy map init function, when nr node ids is...

PT-2026-38944

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/v3d component where the max seg size is not set when using V3D rendering with CONFIG DMA API DEBUG enabled. This causes the kernel to default to a 64K segment...

Linux Distros Unpatched Vulnerability : CVE-2026-43348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mshvvtl: Fix vmemmapshift exceeding MAXFOLIOORDER When registering VTL0 memory via MSHVADDVTL0MEMORY, the kernel computes pgmap-vmemmapshift as the number of...

Linux Distros Unpatched Vulnerability : CVE-2026-43344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf/x86/intel/uncore: Fix die ID init and look up bugs In snbeppci2phymapinit, in the nrnodeids 8 path, uncoredevicetodie may return -1 when all CPUs associate...

SUSE CVE-2026-43053

In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfsattr3nodeinactive invalidates all child leaf/node blocks via xfstransbinval, but intentionally does not remo...

SUSE CVE-2026-43083

In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace-type.bit6 is set: if trace-type.bit6 ... queue = skbgettxqueuedev, skb; qdisc = rcudereferencequeue-qdisc; This code can lead to an out-of-bounds access of the dev-tx array when...

SUSE CVE-2026-43088

In the Linux kernel, the following vulnerability has been resolved: net: afkey: zero aligned sockaddr tail in PFKEY exports PFKEY export paths use pfkeysockaddrsize when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, pfkeysockaddrfill initializes only th...

SUSE CVE-2026-43224

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix sgtable leak on mapping failures In an unlikely case when iopopulateareadma fails, which could only happen on a PAGEPOOL32BITARCHWITH64BITDMA machine, iozcrxmaparea will have an initialised and not freed table. ...

SUSE CVE-2026-43238

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 "net: sched: support hash selecting tx queue" added SKBEDITFTXQSKBHASH support. The inclusive range size is computed as: mappingmod = queuemappingmax...

SUSE CVE-2026-43251

In the Linux kernel, the following vulnerability has been resolved: HID: prodikeys: Check presence of pm-inputep82 Fake USB devices can send their own report descriptors for which the inputmapping hook does not get called. In this case, pm-inputep82 stays NULL, which leads to a crash later. This...

Linux Distros Unpatched Vulnerability : CVE-2026-43224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix sgtable leak on mapping failures In an unlikely case when iopopulateareadm...

Linux Distros Unpatched Vulnerability : CVE-2026-43238

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 net: sched: support hash selecting tx queue added SKBEDITFTXQSKBHASH support. Th...

a-mailx (=0.1.0), a2 (>=0.1.0 <=0.3.17) +632 more potentially affected by CVE-2026-42557 via jupyterlab (>=0.31.1 <=4.5.6)

jupyterlab PYPI version =0.31.1, =0.1.0, =0.1.0b0, =0.1.0b0, =0.1.0b0, =0.1.0, =0.5.5, =2.0.0, =0.1.1, =0.1.0, =3.0.0, =4.33.0, =5.0.0 and more Source cves: CVE-2026-42557 Source advisory: OSV:GHSA-MQCG-5X36-VFCG...

CVE-2026-43178

A flaw was found in the Linux kernel's procfs component. A local user, by providing a malformed input buffer during a specific memory mapping query PROCMAPQUERY, can trigger an error in how the kernel manages process memory. This can lead to a double release of memory resources, potentially causi...

CVE-2026-41934

Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through insufficient file extension restrictions, with the uploaded payload then executable via subsequent...

CVE-2026-41938

Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restrictions by uploading a .htaccess file to map .phtml extensions to the PHP handler. Attackers can uploa...

CVE-2026-41938

Vvveb before version 1.0.8.2 contains an unrestricted file upload vulnerability in the media upload handler that allows authenticated users with media-upload permissions to bypass extension restrictions by uploading a .htaccess file to map .phtml extensions to the PHP handler. Attackers can uploa...