CVE-2026-31715

In Linux kernel (f2fs), CVE-2026-31715 is a use-after-free triggered by decrementing sbi->nr_pages[] during F2FS_WB_CP_DATA handling. The root cause is that f2fs_put_super() calls iput(sbi->node_inode) and NULLs the node_inode after the counter reaches zero, allowing f2fs_in_warm_node_list(...

CLSA-2026-1776179858 Fix of 5 CVEs

SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 SECURITY UPDATE...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between gether disconnect and ethstop in uether. This vulnerability may lead to...

PT-2026-36379

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix NULL pointer dereference when perf domain ID is not found dev energymodel nl get perf domains doit calls em perf domain get by id but does not check the return value before passing it to em nl get pd size. When a call...

PT-2026-36375

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rz mtu3 channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counter...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing during the unbinding process, potentially leading to kernel crashes...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the presence of a crash window when the attribute dabtree is deactivated, which could result in an invalid...

Oracle Linux 缓冲区错误漏洞

Oracle Linux is an open and complete operating environment from Oracle Corporation that provides virtualization, management and cloud-native computing tools, and operating systems. A buffer error vulnerability exists in Oracle Linux that stems from the ELF parser failing to perform bounds checkin...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb cdns3 gadget driver not checking when the ep-desc pointer is null in the epqueue, which could result...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking valid entry devices when gmac0 is disabled, potentially leading to null pointer...

PT-2026-36384

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the comedi ni atmio16d driver where the atmio16d detach handler function calls reset atmio16d unconditionally during a failed attach process. If the atmio16d attach...

CVE-2026-42478

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the devmregmapinitmmio error handling checking for NULL instead of ERRPTR in the gpio qixis-fpga driver, whi...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ethgetdrvinfo function in uether accessing a null pointer during device separation, potentially...

PT-2026-36425

In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devm regmap init mmio devm regmap init mmio returns an ERR PTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invali...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the auxdisplay line-display driver, which relies on an attachment list when accessing a...

CVE-2026-42478

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

EUVD-2026-26601

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the gpib driver's use of the gpibdescriptor pointer after releasing a lock in the IO ioctl handler, which...

PT-2026-36363

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the gether disconnect and eth stop functions. If eth stop is triggered concurrently while gether disconnect is tearing down endpoints, eth stop may attemp...