CVE-2026-31601

A flaw was found in the Linux kernel's vfio/xe driver. An attacker, by attempting to reset a Virtual Function VF device that does not support migration, can trigger a kernel page fault. This can lead to a system crash, resulting in a Denial of Service DoS...

CVE-2026-31601

In the Linux kernel, the following vulnerability has been resolved: vfio/xe: Reorganize the init to decouple migration from reset Attempting to issue reset on VF devices that don't support migration leads to the following: BUG: unable to handle page fault for address: 00000000000011f8 PF:...

EUVD-2025-25562

Malicious code in bioql PyPI...

CVE-2025-38640

CVE-2025-38640: Linux kernel vulnerability in BPF/netfilter flow where nf_hook_run_bpf() could run migrations in xmit path, allowing non-migratable context assumptions to be violated. The fix disables migration by using bpf_prog_run_pin_on_cpu() in nf_hook_run_bpf() (commit references in the Linu...

GHSA-5X29-3HR9-6WPW TPM 1.2 key authorization values vulnerable to TPM transport eavesdropper in go-tpm

Impact TPM 2.0 users are unaffected by this issue. An adversary eavesdropping on the TPM 1.2 transport path can calculate usageAuth for a key created with CreateWrapKey, even though this value is encrypted as part of the TPM 1.2 command protocol. The TPM 1.2 CreateWrapKey command accepts two...