UBUNTU-CVE-2026-23174

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

CVE-2026-23181 btrfs: sync read disk super and set block size

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...

CVE-2026-23181

In CVE-2026-23181, the Linux kernel btrfs read path can trigger inconsistent folio ordering when a block size change via BLKBSZSET occurs after folio allocation during read cache operations, leading to a VM_BUG_ON_FOLIO assertion and a null pointer dereference in create_empty_buffers. The documen...

EUVD-2026-5865

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...

CVE-2026-23152

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

CVE-2026-23152

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

UBUNTU-CVE-2026-23152

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

CVE-2026-23152

Technical details for CVE-2026-23152 are not publicly provided in the supplied connected docs. The materials only note patching/release status in OSV/SUSE advisories; no specifics on affected components, exploitability, or fixes are included here.

CVE-2026-23152

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

EUVD-2026-5885

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

CVE-2026-23152 wifi: mac80211: correctly decode TTLM with default link map

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...

CVE-2026-23127

In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event-mmapcount increment When calling refcountinc&event-;mmapcount inside perfmmaprb, the following warning is triggered: refcountt: addition on 0; use-after-free. WARNING: lib/refcount.c:25 PoC:...

CLSA-2026-1771077729 kernel: Fix of 107 CVEs

net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...

CVE-2026-25227

authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper parsing of the TID-To-Link Mapping element, potentially leading to out-of-bounds reads...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of changes in device DMA mapping requirements. This vulnerability may lead to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from unsynchronized reading of the superblock of the disk and incorrect setting of block size,...

GHSA-G433-PQ76-6CMF Bug fixes in hpke-rs, hpke-rs-rust-crypto

We publish a GitHub security advisory for any releases whose CHANGELOG includes bug-fixes, and encourage our users to upgrade. The latest releases of the hpke-rs and hpke-rs-rust-crypto crates contain the following bug-fixes: hpke-rs - 127: Fix KemAlgorithm::TryFrom mapping where 0x004D incorrect...

Bug fixes in hpke-rs, hpke-rs-rust-crypto

We publish a GitHub security advisory for any releases whose CHANGELOG includes bug-fixes, and encourage our users to upgrade. The latest releases of the hpke-rs and hpke-rs-rust-crypto crates contain the following bug-fixes: hpke-rs - 127: Fix KemAlgorithm::TryFrom mapping where 0x004D incorrect...

MAL-2026-895 Malicious code in json-mapping-src (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc958aaacb5ea616283510ccda98b0a4634c35d348eece1613366ac66ad41abb The package json-mapping-src was found to contain malicious code. Source: ghsa-malware 8e7f8a61a6a361880bea88321b1f130627266e5f1d54e8aa9d9f47d64c99db...