UBUNTU-CVE-2026-52939

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix NULL deref in rdsibsendcqehandler on masked atomic completion rdsibxmitatomic always programs a masked atomic opcode IBWRMASKEDATOMICCMPANDSWP or IBWRMASKEDATOMICFETCHANDADD for every RDS atomic cmsg. But the...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: In hci, fix for null-ptr-deref in hcireadsupportedcodecs. Fix hcicmdsyncsk to return NOT NULL for unknown opcodes. hcicmdsyncsk returns NULL if a command returns a status event. However, it also returns NULL when an...

Astra Linux – Vulnerability in binutils

GNU Binutils prior to version 2.34 has a vulnerability related to uninitialized heaps in the function tic4xprintcond file opcodes/tic4x-dis.c. This vulnerability could allow attackers to cause an information leak...

CVE-2026-49190

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

CVE-2026-49190 Missing Per-Instruction Authorization Checks

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

CVE-2026-49190

Technical details (affected products, vulnerable component, root cause, exploit information) are not provided in the initial document or connected sources. Monitor for updates from official advisories.

CVE-2026-49190

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

EUVD-2026-34209

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

CVE-2026-49190 Missing Per-Instruction Authorization Checks

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

PT-2026-46148

The system fails to evaluate instructional permissions over multiple internal operation codes opcodes, permitting unauthorized application installations or command executions...

RDMA/rxe: Reject unknown opcodes before ICRC processing

...

CVE-2026-46133

A flaw was found in the Linux kernel's Soft RoCE RDMA/rxe driver. An unauthenticated remote attacker can send a specially crafted UDP packet with an unknown opcode to trigger an out-of-bounds read. This vulnerability can lead to a kernel panic, effectively causing a Denial of Service DoS on the...

CVE-2026-46133

The CVE-2026-46133 issue affects Linux kernel’s Soft RoCE (RDMA/rxe) where an unauthenticated UDP packet with an unknown opcode could trigger an out-of-bounds read during ICRC/CRC processing due to missing validation of opcodes before length arithmetic. The advisory describes that entries in the ...

CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from insufficient ICRC checks when processing unknown opcodes in RDMA rxe, potentially leading to out-of-bou...

kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling

A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...

kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling

A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...

PyTorch Vulnerable to Remote Code Execution via Untrusted Checkpoint Files

Summary A vulnerability in PyTorch's weightsonly unpickler allows an attacker to craft a malicious checkpoint file .pth that, when loaded with torch.load..., weightsonly=True, can corrupt memory and potentially lead to arbitrary code execution. Vulnerability Details The weightsonly=True unpickler...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002999)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002999 advisory. A missing address check in the callers of the showopcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003132)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003132 advisory. A missing address check in the callers of the showopcodes in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the...