5108 matches found
SUSE CVE-2026-23174
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
SUSE CVE-2026-23181
In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...
Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2025-38685)
In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fastimageblit This issue triggers when a userspace program does an ioctl FBIOPUTCON2FBMAP by passing console number and frame buffer number. Ideally this maps console to frame buffer and...
CVE-2026-23181
In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...
CVE-2026-23174
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
UBUNTU-CVE-2026-23181
In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...
UBUNTU-CVE-2026-23174
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
CVE-2026-23181 btrfs: sync read disk super and set block size
In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...
CVE-2026-23181
In CVE-2026-23181, the Linux kernel btrfs read path can trigger inconsistent folio ordering when a block size change via BLKBSZSET occurs after folio allocation during read cache operations, leading to a VM_BUG_ON_FOLIO assertion and a null pointer dereference in create_empty_buffers. The documen...
EUVD-2026-5865
In the Linux kernel, the following vulnerability has been resolved: nvme-pci: handle changing device dma map requirements The initial state of dmaneedsunmap may be false, but change to true while mapping the data iterator. Enabling swiotlb is one such case that can change the result. The nvme...
CVE-2026-23152
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...
CVE-2026-23152
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...
UBUNTU-CVE-2026-23152
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...
CVE-2026-23152
Technical details for CVE-2026-23152 are not publicly provided in the supplied connected docs. The materials only note patching/release status in OSV/SUSE advisories; no specifics on affected components, exploitability, or fixes are included here.
CVE-2026-23152
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...
EUVD-2026-5885
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...
CVE-2026-23152 wifi: mac80211: correctly decode TTLM with default link map
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: correctly decode TTLM with default link map TID-To-Link Mapping TTLM elements do not contain any link mapping presence indicator if a default mapping is used and parsing needs to be skipped. Note that access point...
CVE-2026-23127
In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event-mmapcount increment When calling refcountinc&event-;mmapcount inside perfmmaprb, the following warning is triggered: refcountt: addition on 0; use-after-free. WARNING: lib/refcount.c:25 PoC:...
CLSA-2026-1771077729 kernel: Fix of 107 CVEs
net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...
CVE-2026-25227
authentik is an open-source identity provider. From 2021.3.1 to before 2025.8.6, 2025.10.4, and 2025.12.4, when using delegated permissions, a User that has the permission Can view Property Mapping or Can view Expression Policy is able to execute arbitrary code within the authentik server contain...