ECHO-8222-9154-2D64

Bulletin has no description...

CVE-2026-41168

A flaw was found in pypdf. An attacker can craft a malicious PDF file containing oversized cross-reference streams or object streams. Processing such a file can lead to excessively long runtimes, resulting in a Denial of Service DoS for applications using the pypdf library. Mitigation Mitigation...

EUVD-2026-25645

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...

CVE-2026-31678 openvswitch: defer tunnel netdev_put to RCU release

In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdevput to RCU release ovsnetdevtunneldestroy may run after NETDEVUNREGISTER already detached the device. Dropping the netdev reference in destroy can race with concurrent readers that still observe...

EUVD-2026-25640

In the Linux kernel, the following vulnerability has been resolved: afunix: read UNIXDIAGVFS data under unixstatelock Exact UNIX diag lookups hold a reference to the socket, but not to u-path. Meanwhile, unixreleasesock clears u-path under unixstatelock and drops the path reference after unlockin...

BELL-CVE-2026-31648

Bulletin has no description...

MINI-C3HQ-M2FX-GX32

Bulletin has no description...

SUSE CVE-2026-6732

A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition XSD validated document that includes an internal entity reference. An attacker could exploit this by providing a malicious document, leading to a type confusion error that...

SUSE CVE-2026-31565

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix deadlock during netdev reset with active connections Resolve deadlock that occurs when user executes netdev reset while RDMA applications e.g., rping are active. The netdev reset causes ice driver to remove irdma...

SUSE CVE-2026-31604

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix device leak on probe failure Driver core holds a reference to the USB interface and its parent USB device while the interface is bound to a driver and there is no need to take additional references unless the...

SUSE CVE-2026-31634

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count leak in rxrpcserverkeyring This patch fixes a reference count leak in rxrpcserverkeyring by checking if rx-securities is already set...

SUSE CVE-2026-31638

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpcinputpacketonconn can process a to-client packet after the current client call on the channel has already been torn down. In that case chan-call is NULL, rxrpctrygetcall retur...

SUSE CVE-2026-31639

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call-key When creating a client call in rxrpcallocclientcall, the code obtains a reference to the key. This is never cleaned up and gets leaked when the call is destroyed. Fix this by...

SUSE CVE-2026-31657

In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadvblaaddclaim can replace claim-backbonegw and drop the old gateway's last reference while readers still follow the pointer. The netlink claim dump path dereferences...

SUSE CVE-2026-31663

In the Linux kernel, the following vulnerability has been resolved: xfrm: hold dev ref until after transportfinish NFHOOK After async crypto completes, xfrminputresume calls devput immediately on re-entry before the skb reaches transportfinish. The skb-dev pointer is then used inside NFHOOK and i...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the premature release of exclusive options in the ip6flowlabel when the reference count reaches...

CVE-2026-6175

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2026-31663

A flaw was found in the Linux kernel's xfrm IP eXtensible FRamework subsystem. This vulnerability involves a race condition where a network device's reference is released too early during packet processing after asynchronous cryptography. This premature release can lead to the system attempting t...

CVE-2026-41248

creationtimestamp| type| source ---|---|--- 2026-04-24 22:00:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mkbjlxyitp2w 2026-04-25 00:00:42+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mkbqdc3r752v 2026-04-25 00:00:46+00:00| seen|...

CVE-2026-31634

A flaw was found in the Linux kernel's rxrpc subsystem. An issue with managing reference counts in the rxrpcserverkeyring function could lead to a resource leak. This vulnerability might allow a local attacker to exhaust system resources, potentially causing a denial of service DoS...