Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer in tegraqspicombinedseqxfer The currxfer field is read by the IRQ handler without holding a lock. This allows the IRQ handler to check whether a transfer is in progress. When clearing the...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer check in IRQ handler Now, all other accesses to currxfer are performed under a lock. The NULL check of currxfer in tegraqspiisrthread must be protected with a spinlock. Without this protection...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad – Fixing timeout handling When the CPU on which the QSPI interrupt handler runs typically CPU 0 is excessively busy, it can lead to rare cases where the IRQ thread does not run before the transfer timeout is...

Security update for python311

This update for python311 fixes the following issues: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run...

SUSE-SU-2026:2298-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970...

SUSE CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

CVE-2026-46192

A flaw was found in the Linux kernel's spi: microchip-core-qspi driver. This vulnerability allows the driver to transmit data during emulated read-only dual or quad operations, which are specific modes for communicating with Quad Serial Peripheral Interface QSPI devices. This unintended data...

CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

UBUNTU-CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

EUVD-2026-32819

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

CVE-2026-46192

CVE-2026-46192 concerns the Linux kernel spi: microchip-core-qspi driver, where transmitting garbage data during emulated read-only dual/quad operations could brick the QSPI transfer. The issue was resolved in the kernel, with reads handled by the core via clock cycles, removing the need to emit ...

CVE-2026-46192 spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

CVE-2026-46192

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: don't attempt to transmit during emulated read-only dual/quad operations The core will deal with reads by creating clock cycles itself, there's no need to generate clock cycles by transmitting garbage da...

MINI-P8JR-4QFP-H77H

Bulletin has no description...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories CVE-2025-68736 In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: signal: Fix restoration of SVE context CVE-2026-23102 In the Linu...

SUSE-SU-2026:21415-1 Security update for python311

This update for python311 fixes the following issue: - CVE-2026-3446: base64 decoding stops at first padded quad by default and ignores other information that could be processed bsc1261970...

EUVD-2026-25595

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack require...

SUSE SLES15 Security Update : python (SUSE-SU-2026:1503-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:1503-1 advisory. This update for python fixes the following issue: - CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Tenable has...

Security update for python

This update for python fixes the following issue: CVE-2026-3446: Base64 decoding stops at first padded quad by default bsc1261970. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...