126127 matches found
EUVD-2026-25485
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't stable unless kvm-lock is held or KVM can guarantee KVMSEVINIT2 has...
CVE-2026-31592
CVE-2026-31592 affects the Linux kernel KVM subsystem. The vulnerability arises when sev_mem_enc_register_region() is not protected by kvm->lock before sev_guest() is checked, risking state corruption if KVM_INIT{2} fails and an uninitialized sev->regions_list is touched, potentially causin...
CVE-2026-31592 KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm->lock
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't stable unless kvm-lock is held or KVM can guarantee KVMSEVINIT2 has...
CVE-2026-31592
In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Protect all of sevmemencregisterregion with kvm-lock Take and hold kvm-lock for before checking sevguest in sevmemencregisterregion, as sevguest isn't stable unless kvm-lock is held or KVM can guarantee KVMSEVINIT2 has...
CVE-2026-31547 drm/xe: Fix missing runtime PM reference in ccs_mode_store
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires the caller to already hold an outer runtime PM reference and warns if...
CVE-2026-31547
CVE-2026-31547 affects the Linux kernel DRM/xe driver. The flaw is a missing outer runtime PM reference in ccs_mode_store, where ccs_mode_store() calls xe_gt_reset() which invokes xe_pm_runtime_get_noresume() that requires an outer runtime PM reference. The result is a runtime PM protection warni...
CVE-2026-31547
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires the caller to already hold an outer runtime PM reference and warns if...
EUVD-2026-25440
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires the caller to already hold an outer runtime PM reference and warns if...
CVE-2026-31547
In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix missing runtime PM reference in ccsmodestore ccsmodestore calls xegtreset which internally invokes xepmruntimegetnoresume. That function requires the caller to already hold an outer runtime PM reference and warns if...
EUVD-2026-25439
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash-table entries on the rxhashtblusedhead list with slave set to NULL when no replacement slave is available. However,...
CVE-2026-31546
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash-table entries on the rxhashtblusedhead list with slave set to NULL when no replacement slave is available. However,...
CVE-2026-31546 net: bonding: fix NULL deref in bond_debug_rlb_hash_show
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash-table entries on the rxhashtblusedhead list with slave set to NULL when no replacement slave is available. However,...
CVE-2026-31546
The CVE-2026-31546 fix applies to the Linux kernel bonding driver: bond_debug_rlb_hash_show could dereference a NULL slave, leading to a kernel NULL pointer dereference and potential DoS. The mitigation is to add a NULL check and print "(none)" for entries with no assigned slave; other code paths...
CVE-2026-31546
In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bonddebugrlbhashshow rlbclearslave intentionally keeps RLB hash-table entries on the rxhashtblusedhead list with slave set to NULL when no replacement slave is available. However,...
Security Bulletin: IBM App Connect Enterprise is vulnerable to multiple vulnerabilities due to multiple node modules.
Summary IBM App Connect Enterprise runtime, IBM App Connect Enterprise Connector Discovery and OpenAPI Editor and IBM App Connect Enterprise Discovery Connectors are vulnerable to multiple vulnerabilities due to multiple node modules. Vulnerability Details CVEID:CVE-2026-33916 DESCRIPTION:...
SUSE-SU-2026:21440-1 Security update for ovmf
This update for ovmf fixes the following issues: - CVE-2026-25833: mbedtls: buffer overflow in the x509inetptonipv6 function bsc1261476. - CVE-2026-25834: mbedtls: client accepts signature algorithm chosen by server even if not advertised in client hello bsc1261477. - CVE-2026-25835: mbedtls: no...
Security Bulletin: Multiple vulnerabilities affect IBM® SDK, Java™ Technology Edition (CVE-2026-22016, CVE-2026-22021, CVE-2026-22013, CVE-2026-22018, CVE-2026-34268, CVE-2026-22007)
Summary This bulletin for IBM SDK, Java Technology Edition covers all applicable Java SE CVEs published by Oracle as part of their April 2026 Critical Patch Update. For more information please refer to Oracle's April 2026 CPU Advisory and the CVE links referenced below. Vulnerability Details...
openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....
Important: Red Hat Security Advisory: java-21-openjdk security update
An update for java-21-openjdk is now available for Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9.4 Extended Update Support, Red Hat Enterprise Linux 9.6 Extended Update Support, Red Hat Enterprise Linux 9, and Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as...
openjdk: Enhance crypto algorithm support (Oracle CPU 2026-04)
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0....