69 matches found
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: afs: Fixed page leak There is a loop in afaxtendwriteback that adds extra pages to the write operation. We want to improve the efficiency of this write-back process by making the write operation larger. However, this loop stops i...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: virtio-net: Fixed pages leaking when building skb in big mode. We attempt to use buildskb if there is sufficient “tailroom”. However, we forget to release the unused pages that are chained via private in big mode, which can lead ...
SUSE CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
SUSE CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46320
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46321
In the Linux kernel, the following vulnerability has been resolved: tun: free page on short-frame rejection in tunxdpone tunxdpone returns -EINVAL on a frame shorter than ETHHLEN without freeing the page that vhostnetbuildxdp allocated for it. tunsendmsg discards that -EINVAL and still returns...
CVE-2026-46322 tun: free page on build_skb failure in tun_xdp_one()
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46322
The CVE relates to the Linux kernel tun driver vulnerability CVE-2026-46322. When build_skb() fails inside tun_xdp_one(), the function returns -ENOMEM without freeing the allocated page for the frame, causing a memory leak of one page-frag chunk per failed build_skb() in a batch. The root cause i...
CVE-2026-46322
In the Linux kernel, the following vulnerability has been resolved: tun: free page on buildskb failure in tunxdpone When buildskb fails in tunxdpone, the function sets ret to -ENOMEM and jumps to the out label, which returns without freeing the page that vhostnetbuildxdp allocated for the frame. ...
CVE-2026-46321
Summary. CVE-2026-46321 concerns the Linux kernel tun/tap with vhost-net, where a short-frame rejection path in tun_xdp_one() can leak memory pages. Specifically, when a frame is shorter than ETH_HLEN, tun_xdp_one() returns -EINVAL without freeing the page allocated by vhost_net_build_xdp(). tun_...
CVE-2026-46320
The CVE-2026-46320 vulnerability affects the Linux kernel tap driver where memory pages allocated for frames in vhost_net_xdp() are not freed on error paths. Specifically, tap_get_user_xdp() may reject frames shorter than ETH_HLEN (-EINVAL) or fail build_skb() (-ENOMEM), but both error paths jump...
EUVD-2026-35410
In the Linux kernel, the following vulnerability has been resolved: tap: free page on error paths in tapgetuserxdp tapgetuserxdp rejects a frame shorter than ETHHLEN with -EINVAL, and returns -ENOMEM when buildskb fails. Both paths jump to the err label without freeing the page that...
PT-2026-47759
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel when the build skb function fails within the tun xdp one function. In this scenario, the system sets the return value to -ENOMEM and exits withou...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021634)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021634 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: independent PMD page table shared count The folio refcount may be increased unexpect...
phpMyFAQ has an Authorization Bypass in All Admin Pages Due to Non-Terminating Permission Check
Summary AbstractAdministrationController::userHasPermission catches the ForbiddenException thrown when a user lacks a specific permission, sends a "forbidden" HTML page via $response-send, but does not terminate execution. The calling controller method continues to execute, fetches protected data...
CVE-2026-34759
OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, multiple notification API endpoints are registered without authentication middleware, while sibling endpoints in the same codebase correctly use ClusterKeyAuthorization.isAuthorizedServiceMiddleware. Thes...
CVE-2026-34759 OneUptime: Unauthenticated notification API endpoints - financial abuse via phone number purchase, service disruption, and SMTP credential exposure
OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.42, multiple notification API endpoints are registered without authentication middleware, while sibling endpoints in the same codebase correctly use ClusterKeyAuthorization.isAuthorizedServiceMiddleware. Thes...
CVE-2026-34759
Affected software: OneUptime Open Source platform (prior to v10.0.42). Vulnerability: Multiple notification API endpoints were registered without authentication middleware, exposing /notification/ and enabling an unauthenticated attacker to exploit a projectId leak from the public Status Page API...
EUVD-2026-12900
In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix page array leak d9f595b9a65e "iouring/zcrx: fix leaking pages on sg init fail" fixed a page leakage but didn't free the page array, release it as well...