CVE-2026-31507

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...

CVE-2026-31521 module: Fix kernel panic when a symbol st_shndx is out of bounds

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

CVE-2026-31521

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

CVE-2026-31517 xfrm: iptfs: fix skb_put() panic on non-linear skb during reassembly

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

RUSTSEC-2026-0104 Reachable panic in certificate revocation list parsing

A panic was reachable when parsing certificate revocation lists via BorrowedCertRevocationList::fromder or OwnedCertRevocationList::fromder. This was the result of mishandling a syntactically valid empty BIT STRING appearing in the onlySomeReasons element of a IssuingDistributionPoint CRL...

PT-2026-34546

Impact An untrusted p2p peer can cause a node to panic by announcing an election macro block whose validators set contains an invalid compressed BLS voting key. Hashing an election macro header hashes validators and reaches Validators::voting keys, which calls validator.voting key.uncompress.unwr...

PT-2026-34547

Impact HistoryStore::put historic txns uses an assert! to enforce invariants about HistoricTransaction.block number must be within the macro block being pushed and within the same epoch. During history sync, a peer can influence the history: &HistoricTransaction input passed into Blockchain::push...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the module loader failing to check the boundaries of the stshndx symbol, potentially leading to a...

PT-2026-34426

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The module loader fails to verify the bounds of the ELF section index within the simplify symbols function. A symbol containing an out-of-bounds st shndx value, such as those defined as...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013529)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013529 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: avoid device tree lookups in rtasosterm rtasosterm is called during panic. Its...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013543)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013543 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix potential panic dues to unprotected smcllcsrvaddlink There is a certain chance to...

Linux Distros Unpatched Vulnerability : CVE-2026-31521

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i =...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013669)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013669 advisory. In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Fix pciendpointtestcopy,write,read panic The dmamapsingle doesn't permit...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013484)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013484 advisory. In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/sec - fix the aead software fallback for engine Due to the subreq pointer misus...

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from a panic being triggered by HistoryTreeProof::verify in the nimiq-transaction when processing proofs with incorrect formats...

Nimiq 输入验证错误漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Prior to Nimiq 1.3.0, there was a vulnerability related to input validation errors. This vulnerability stemmed from the use of assert! in nimiq-blockchain::HistoryStore::puthistorictxns, which was used to enforce invariants...

Nimiq 安全漏洞

Nimiq is an open-source implementation of the Albatross protocol in Rust. Versions of Nimiq prior to 1.3.0 contained a security vulnerability. This vulnerability stemmed from the network-libp2p library’s use of the libp2p ConnectionHandler state machine. This handler assumes that each connection...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013449)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013449 advisory. In the Linux kernel, the following vulnerability has been resolved: dm rq: don't queue request to blk-mq during DM suspend DM uses blk-mq's quiesce/unquiesce to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from l2capecredconnreq not verifying the number of SCIDs, resulting in an out-of-bound read of the sta...

PT-2026-34412

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A double-free issue exists in the SMC implementation of the Linux kernel. The smc rx splice function allocates an smc spd priv object per pipe buffer and stores the pointer in pipe...