Linux Distros Unpatched Vulnerability : CVE-2026-43302

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/v3d: Set DMA segment size to avoid debug warnings When using V3D rendering with CONFIGDMAAPIDEBUG enabled, the kernel occasionally reports a segment size...

PT-2026-39114

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.10 through 6.19 Description A stack out-of-bounds read exists in the nftables pipapo set backend within the pipapo drop function. The issue occurs because the function passes rulemapi + 1.n to pipapo unmap as the to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the v3d driver not setting maxsegsize. This could lead to mismatched segment lengths reported...

PT-2026-38980

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the netfilter flowtable component where the system fails to strictly check for the maximum number of supported actions. In IPv6 setups, the required number of hardware...

Zebra's Block Validator Undercounts Coinbase and P2SH Sigops

Zebra's block validator undercounts transparent signature operations against the 20000-sigop block limit MAXBLOCKSIGOPS, allowing it to accept blocks that zcashd rejects with bad-blk-sigops. A miner who produces such a block can split the network: Zebra nodes follow the offending chain while zcas...

DEBIAN-CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

CVE-2026-39825 ReverseProxy forwards queries with more than urlmaxqueryparams parameters in net/http/httputil

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

CVE-2026-39825

ReverseProxy can forward queries containing parameters not visible to Rewrite functions. When used with a Rewrite function, or a Director function which parses query parameters, ReverseProxy sanitizes the forwarded request to remove query parameters which are not parsed by url.ParseQuery...

CVE-2026-33814

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

SUSE CVE-2025-71292

In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfsrename If nlink is maximal for a directory -1 and inside that directory you perform a rename for some child directory not moving from the parent, then the nlink of the first directory is first incremente...

Linux Distros Unpatched Vulnerability : CVE-2026-43205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - dpaa2-switch: validate numifs to prevent out-of-bounds write The driver obtains swattr.numifs from firmware via dpswgetattributes but never validates it against...

CVE-2026-43092

A flaw was found in the Linux kernel's AFXDP eXpress Data Path subsystem. The AFXDP bind operation fails to validate the Maximum Transmission Unit MTU against the usable frame space provided by the UMEM User Memory chunk. This can lead to situations where the configured MTU does not fit,...

EUVD-2026-27806

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

EUVD-2026-27801

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 "net: sched: support hash selecting tx queue" added SKBEDITFTXQSKBHASH support. The inclusive range size is computed as: mappingmod = queuemappingmax...

CVE-2026-43235

In the Linux kernel, the following vulnerability has been resolved: media: iris: Add missing platform data entries for SM8750 Two platform-data fields for SM8750 were missed: - getvpubuffersize = irisvpu33bufsize Without this, the driver fails to allocate the required internal buffers, leading to...

CVE-2026-43190

In the Linux kernel, the following vulnerability has been resolved: netfilter: xttcpmss: check remaining length before reading optlen Quoting reporter: In net/netfilter/xttcpmss.c lines 53-68, the TCP option parser reads opi+1 directly without validating the remaining option length. If the last...

CVE-2026-43245

In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...

CVE-2026-43245

CVE-2026-43245 affects the Linux kernel NTFS driver. The root cause is that ntfs: ->d_compare() could block, with related memory-allocation issues in names_cachep. The authenticated fixes switch critical paths to non-blocking allocations: use kmalloc(PATH_MAX, GFP_NOWAIT) for the path/name han...

CVE-2026-43238 net/sched: act_skbedit: fix divide-by-zero in tcf_skbedit_hash()

In the Linux kernel, the following vulnerability has been resolved: net/sched: actskbedit: fix divide-by-zero in tcfskbedithash Commit 38a6f0865796 "net: sched: support hash selecting tx queue" added SKBEDITFTXQSKBHASH support. The inclusive range size is computed as: mappingmod = queuemappingmax...

CVE-2026-43235

Summary: CVE-2026-43235 affects the Linux kernel iris media driver for SM8750. The vulnerability arises from two missing platform-data entries in the iris driver, which prevents proper internal buffer allocation and incomplete capability checks. What’s affected: Linux kernel/iris media driver (SM...