RLSA-2026:11704 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root...

RLSA-2026:11514 Important: grafana-pcp security update

The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root...

CVE-2026-43079

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Skip discovery table for offline dies This warning can be triggered if NUMA is disabled and the system boots with fewer CPUs than the number of CPUs in die 0. WARNING: CPU: 9 PID: 7257 at uncore.c:1157...

API Security Operations: How to Move from Visibility to Measurable Risk Reduction

A five-level operating model for turning API security visibility into measurable risk reduction, faster remediation, and confident digital growth — without slowing development. What is API security operationalization? API security operationalization is the process of converting API discovery and...

CVE-2026-43079

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Skip discovery table for offline dies This warning can be triggered if NUMA is disabled and the system boots with fewer CPUs than the number of CPUs in die 0. WARNING: CPU: 9 PID: 7257 at uncore.c:1157...

SUSE CVE-2026-31782

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix potential bad containerof in intelpmuhwconfig Auto counter reload may have a group of events with software events present within it. The software event PMU isn't the x86hybridpmu and a containerof operation in...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the perf/arm-cmn driver not rejecting hardware configurations that are not supported, potentially...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from issues with header offset overflow and protocol header misalignment during the extraction of data...

GHSA-FC86-6RV6-2JPM webonyx/graphql-php has quadratic validation cost in OverlappingFieldsCanBeMerged via inline fragments

Summary OverlappingFieldsCanBeMerged validation rule has On^2 x m^2 worst case via flattened inline fragments. The CVE-2023-26144 named-fragment cache does not cover inline fragments. A 364 KB query 200 outer x 100 inner inline fragments consumes 117 seconds of CPU per request, with no comparison...

CVE-2026-24082

Memory Corruption when copying data from a freed source while executing performance counter deselect operation...

CVE-2026-24082 Use After Free in Automotive GPU

Memory Corruption when copying data from a freed source while executing performance counter deselect operation...

EUVD-2026-26982

Memory Corruption when copying data from a freed source while executing performance counter deselect operation...

CVE-2026-24082

Memory Corruption when copying data from a freed source while executing performance counter deselect operation...

PT-2026-36845

CVE-2026-24082 Memory Corruption when copying data from a freed source while executing performance counter deselect operation. https://t.co/qessX6bSdn...

Qualcomm Chipsets 资源管理错误漏洞

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a resource management vulnerability, which occurs when data is copied from a released source during the operation of canceling the performance counter selection, resulting in...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: perf/x86: The movement of the event pointer was moved earlier in x86pmuenable. A production AMD EPYC system crashed due to a NULL pointer dereference in the PMU NMI handler: BUG: NULL pointer dereference in the kernel, address:...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom-hw: A memory leak has been fixed in qcomcpufreqhwreadlut. If qcomcpufreqhwreadlut fails to obtain the operation table, the program will terminate, resulting in the “table” resource not being released...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ntbnetdev: Use devkfreeskbany in interrupt context. TX/RX callback handlers ntbnetdevtxhandler, ntbnetdevrxhandler can be called in interrupt context via the DMA framework after the respective DMA operations are completed...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, the ingress ACL is used for three features. It is created only when the vport metadata match and the prio tag is enabled. However, the active-backup lag mode also uses...

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hns: Fixed the issue where the CPU got stuck due to printouts during reset. During reset, commands to destroy resources such as qp, cq, and mr may fail, and error logs will be printed. When a large number of resources are...