CVE-2026-46077 crypto: atmel-tdes - fix DMA sync direction

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-tdes - fix DMA sync direction Before DMA output is consumed by the CPU, -dmaaddrout must be synced with dmasyncsingleforcpu instead of dmasyncsinglefordevice. Using the wrong direction can return stale cache data on...

EUVD-2026-32452

In the Linux kernel, the following vulnerability has been resolved: md/raid5: validate payload size before accessing journal metadata r5crecoveryanalyzemetablock and r5lrecoveryverifydatachecksumformb iterate over payloads in a journal metadata block using on-disk payload size fields without...

SUSE CVE-2026-45843

In the Linux kernel, the following vulnerability has been resolved: slip: bound decode reads against the compressed packet length slhcuncompress parses a VJ-compressed TCP header by advancing a pointer through the packet via decode and pull16. Neither helper bounds-checks against isize, and decod...

CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

EUVD-2026-32433

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

CVE-2026-46051

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

CVE-2026-46051

The CVE-2026-46051 entry concerns the Linux kernel md/raid5 layer. It fixes a soft lockup in retry_aligned_read() when encountering an overlapped stripe. The bug occurs because a stripe released via raid5_release_stripe() enters the released_stripes list, and in the next raid5d loop, release_stri...

CVE-2026-46051 md/raid5: fix soft lockup in retry_aligned_read()

In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix soft lockup in retryalignedread When retryalignedread encounters an overlapped stripe, it releases the stripe via raid5releasestripe which puts it on the lockless releasedstripes llist. In the next raid5d loop...

CVE-2026-46049

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Add fallback to default RSR for S/PDIF spdifpassthruplaybackgetresources uses atc-pllrate as the RSR for the MSR calculation loop. However, pllrate is only updated in atcpllinit and not in hwpllinit, so it remains 0...

CVE-2026-46045

The CVE-2026-46045 issue affects the Linux kernel’s md/md-llbitmap component. When reading bitmap pages from member disks, the code iterates through rdevs and reads from the first available one but only checked raid_disk assignment and the Faulty flag, omitting the In_sync flag. As a result, bitm...

CVE-2026-46022 misc: ibmasm: fix OOB MMIO read in ibmasm_handle_mouse_interrupt()

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

CVE-2026-46001

In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...

CVE-2026-46001 hwmon: (pt5161l) Fix bugs in pt5161l_read_block_data()

In the Linux kernel, the following vulnerability has been resolved: hwmon: pt5161l Fix bugs in pt5161lreadblockdata Fix two bugs in pt5161lreadblockdata: 1. Buffer overrun: The local buffer rbuf is declared as u8 rbuf24, but i2csmbusreadblockdata can return up to I2CSMBUSBLOCKMAX 32 bytes. The...

CVE-2026-45839

A flaw was found in the Linux kernel's BPF Berkeley Packet Filter CO-RE Compile Once - Run Everywhere accessor parsing. A local attacker with CAPBPF capabilities could craft a malicious BPF program that uses negative CO-RE accessor indices. This input validation vulnerability allows for an...

CVE-2026-1933 Samba: missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

CVE-2026-1933

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

CVE-2026-1933 Samba: missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

CVE-2026-1933

Samba CVE-2026-1933 involves missing SMB-layer access checks for NTFS-style reparse points on read-only = yes shares. Authenticated users with underlying filesystem write permissions can create or delete reparse point metadata via SMB, potentially altering SMB-visible file behavior (e.g., convert...

CVE-2026-3366 InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...

CVE-2026-3366 InfoSphere Optim Test Data Fabrication is affected by Arbitrary File Read

IBM InfoSphere Optim Test Data Fabrication 1.0.0, 1.0.0.1, 1.0.0.2, 1.0.2, 1.0.2.2, 1.0.2.3, 1.0.2.4, 1.0.2.5, 1.0.2.6, 1.0.2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences /../ to view...