UBUNTU-CVE-2026-43499

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in removewaiter removewaiter is used by the slowlock paths, but it is also used for proxy-lock rollback in rtmutexstartproxylock when invoked from futexrequeue. In the latter case...

SUSE-SU-2026:2037-1 Security update for php8

This update for php8 fixes the following issues - CVE-2025-14179: improper handling of NULL bytes by the PDO Firebird driver when preparing SQL queries can lead to SQL injection bsc1264778. - CVE-2026-6722: use-after-free in SOAP using Apache map can lead to remote code execution bsc1264776. -...

php: Fix of 2 CVEs

CVE-2026-6722: Use-after-free in SOAP ext via stale refmap pointer - CVE-2026-7261: Use-after-free in SOAP after header parse failure with SOAPPERSISTENCESESSION...

CVEs

NULL Dereference The vulnerabilities found in cryptofioctl...

ROS-20260521-73-0004

A vulnerability in the icmptagvalidation function of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service by sending specially crafted ICMP packets...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from schred qdisc directly calling dequeue of sub-qdisc instead of peek and qdiscdequeuepeeked. This could...

freerdp: FreeRDP: Denial of Service via double free vulnerability during disconnect

A flaw was found in FreeRDP, a free implementation of the Remote Desktop Protocol. This double free vulnerability occurs during the cleanup process when a remote desktop session disconnects. Specifically, if a title allocation fails, a pointer to an application window is freed but not removed fro...

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSHAGENTSUCCESS 0x06 message to requests expecting typed replies e.g., List, Sign. The unmarshal layer produces an unexpected message type, which the client code does not handle,...

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

kernel: net: af_can: do not leave a dangling sk pointer in can_create()

In the Linux kernel, the following vulnerability has been resolved: net: afcan: do not leave a dangling sk pointer in cancreate On error cancreate frees the allocated sk object, but sockinitdata has already attached it to the provided sock object. This will leave a dangling sk pointer in the sock...

CVE-2026-33278

A flaw was discovered in Unbound’s DNSSEC validator can leave it using an invalid memory pointer after certain DS sub-query validations fail due to NSEC3 budget exhaustion. This may cause crashes and could potentially allow arbitrary code execution...

libtiff: libtiff: Arbitrary code execution or denial of service via signed integer overflow in TIFF file processing

A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations,...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

CVE-2026-42959

NLnet Labs Unbound up to and including version 1.25.0 has a denial of service vulnerability in the DNSSEC validator that can lead to a crash given malicious upstream replies. When Unbound constructs chase-reply messages for validation, the code uses the wrong counter to calculate write offsets fo...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

CVE-2026-33278

NLnet Labs Unbound 1.19.1 up to and including version 1.25.0 has a vulnerability in the DNSSEC validator that enables denial of service and possible remote code execution as a result of deep copying a data structure and erroneously overwriting a destination pointer. An adversary can exploit the...

firefox: thunderbird: Invalid pointer in the JavaScript: WebAssembly component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Invalid pointer in the JavaScript: WebAssembly component...

Astra Linux - уязвимость в linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fixed a NULL pointer dereference in amdgpudmi2cxfer. When ddcserviceconstruct is called, it explicitly checks both the link type and whether there is something on the link that will determine whether the pin is...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: idpf: Fixed the NULL pointer dereferencing issue after a soft reset. During a soft reset, the RSS LUT is freed and not restored unless the interface is active. If an ethtool command that accesses the RSS LUT is attempted...