CVE-2026-31726

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...

EUVD-2026-26539

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uvc: fix NULL pointer dereference during unbind race Commit b81ac4395bbe "usb: gadget: uvc: allow for application to cleanly shutdown" introduced two stages of synchronization waits totaling 1500ms in uvcfunctionunbi...

CVE-2026-31715

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix UAF caused by decrementing sbi-nrpages in f2fswriteendio The xfstests case "generic/107" and syzbot have both reported a NULL pointer dereference. The concurrent scenario that triggers the panic is as follows:...

CVE-2026-31715

In Linux kernel (f2fs), CVE-2026-31715 is a use-after-free triggered by decrementing sbi->nr_pages[] during F2FS_WB_CP_DATA handling. The root cause is that f2fs_put_super() calls iput(sbi->node_inode) and NULLs the node_inode after the counter reaches zero, allowing f2fs_in_warm_node_list(...

CLSA-2026-1776179858 Fix of 5 CVEs

SECURITY UPDATE: fix vulnerability in MSL coder - debian/patches/CVE-2026-25988.patch: fix vulnerability in MSL coder - CVE-2026-25988 SECURITY UPDATE: fix path traversal via policy bypass - debian/patches/CVE-2026-25965.patch: fix path traversal via policy bypass - CVE-2026-25965 SECURITY UPDATE...

SUSE CVE-2026-26965

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, in the RLE planar decode path, planardecompressplanerle writes into pDstData at nYDst+y nDstStep + 4nXDst + nChannel without verifying that nYDst+nSrcHeight fits in the destination height or that...

PT-2026-36362

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u ether: Fix NULL pointer deref in eth get drvinfo Commit ec35c1969650 "usb: gadget: f ncm: Fix net device lifecycle with device move" reparents the gadget device to /sys/devices/virtual during unbind, clearing the...

PT-2026-36375

In the Linux kernel, the following vulnerability has been resolved: counter: rz-mtu3-cnt: do not use struct rz mtu3 channel's dev member The counter driver can use HW channels 1 and 2, while the PWM driver can use HW channels 0, 1, 2, 3, 4, 6, 7. The dev member is assigned both by the counter...

Wireshark 2.4.x < 2.4.7 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is prior to 2.4.7. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.4.7 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was...

EUVD-2026-26601

An issue was discovered in VrmlDataIndexedFaceSet::TShape in the VRML V2.0 parser in Open CASCADE Technology OCCT V800rc5 allows attackers to cause a denial of service via a crafted VRML file. The issue occurs because malformed VRML input can trigger dereference of a corrupt or unvalidated pointe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the AFALG interface failing to clear the end marker of the previous SGL when linking a new SGL, causing the...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the devmregmapinitmmio error handling checking for NULL instead of ERRPTR in the gpio qixis-fpga driver, whi...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the usb cdns3 gadget driver not checking when the ep-desc pointer is null in the epqueue, which could result...

PT-2026-36363

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists between the gether disconnect and eth stop functions. If eth stop is triggered concurrently while gether disconnect is tearing down endpoints, eth stop may attemp...

PT-2026-36384

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the comedi ni atmio16d driver where the atmio16d detach handler function calls reset atmio16d unconditionally during a failed attach process. If the atmio16d attach...

PT-2026-36425

In the Linux kernel, the following vulnerability has been resolved: gpio: qixis-fpga: Fix error handling for devm regmap init mmio devm regmap init mmio returns an ERR PTR on failure, not NULL. The original code checked for NULL which would never trigger on error, potentially leading to an invali...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel. This vulnerability stems from the auxdisplay line-display driver, which relies on an attachment list when accessing a...

PT-2026-36430

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the net/mlx5 component where the function mlx5 lag dev add mdev may return success even if a gracefully handled error occurs. This allows the initialization process to...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a null pointer dereferencing during the unbinding process, potentially leading to kernel crashes...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between gether disconnect and ethstop in uether. This vulnerability may lead to...