EUVD-2026-28584

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 "blk-mq: move failure injection out of blkmqcompleterequest", drivers are responsible for calling blkshouldfaketimeout at appropriate code paths and...

CVE-2026-43314

In the Linux kernel, the following vulnerability has been resolved: dm: remove fake timeout to avoid leak request Since commit 15f73f5b3e59 "blk-mq: move failure injection out of blkmqcompleterequest", drivers are responsible for calling blkshouldfaketimeout at appropriate code paths and...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an URB leak in the pvr2sendrequestex function. This vulnerability may lead to the submission of write...

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in jetty-server (CVE-2026-1605)

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-1605 reported for jetty-server-12.0.25.jar. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: netfs: fix reference leak Commit 20d72b00ca81 "netfs: Fix the request's work item to not require a ref" modified netfsallocrequest to initialize the reference counter to 2 instead of 1. The rationale was that the requet's "work"...

Security Bulletin: Due to use of jetty-server-12.0.16.jar, IBM Sterling Connect:Direct Web Services is affected by response not compressed issue for corresponding HTTP request, causing the leak.

Summary jetty-server-12.0.16.jar is used by IBM Sterling Connect:Direct Web Services CVE-2026-1605. Vulnerability Details CVEID:CVE-2026-1605 DESCRIPTION: In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with...

UBUNTU-CVE-2026-33192

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. In versions prior to 1.4.2, the UDM incorrectly converts a downstream 400 Bad Request from UDR into a 500 Internal Server Error when handling PATCH requests with an empty supi path parameter...

CVE-2026-1605

In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5, class GzipHandler exposes a vulnerability when a compressed HTTP request, with Content-Encoding: gzip, is processed and the corresponding response is not compressed. This happens because the JDK Inflater is allocated for decompressing t...

CVE-2018-4067

An exploitable information disclosure vulnerability exists in the ACEManager templateload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. A specially crafted HTTP request can cause a information leak, resulting in the disclosure of internal paths and files. An attacker can make an...

PT-2025-52937

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the virtio crypto alg skcipher close session function within the virtio-crypto module. Specifically, the vc ctrl req memory is allocated but not freed in error...

SUSE CVE-2023-53467

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential leak in rtw89appendprobereqie Do kfreeskbnew before goto out to prevent potential leak...

Linux Distros Unpatched Vulnerability : CVE-2024-35816

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: firewire: ohci: prevent leak of left- over IRQ on unbind Commit 5a95f1ded28691e6 firewire:...

Exploit for Out-of-bounds Read in Citrix Netscaler_Application_Delivery_Controller

CVE-2025-5777 - Citrix NetScaler Memory Leak Exploit !Banner...

CVE-2022-49791 io_uring: fix multishot accept request leaks

In the Linux kernel, the following vulnerability has been resolved: iouring: fix multishot accept request leaks Having REQFPOLLED set doesn't guarantee that the request is executed as a multishot from the polling path. Fortunately for us, if the code thinks it's multishot issue when it's not, it...

PT-2025-18508 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A issue in the Linux kernel has been resolved, related to io uring, where a multishot accept request leak occurred. Having REQ F POLLED set does not guarantee that the request is...

UBUNTU-CVE-2023-52981

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix request ref counting during error capture & debugfs dump When GuC support was added to error capture, the reference counting around the request object was broken. Fix it up. The context based search manages the...

DEBIAN-CVE-2022-49057

In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When poll request is timed out, it is removed from the poll list, but not completed, so the request is leaked, and never get chance to complete. Fix the issue by ending it in timeout...

CVE-2022-49057 block: null_blk: end timed out poll request

In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When poll request is timed out, it is removed from the poll list, but not completed, so the request is leaked, and never get chance to complete. Fix the issue by ending it in timeout...

CVE-2022-49057

The CVE-2022-49057 issue occurs in the Linux kernel’s block/null_blk path where a timed-out poll request is removed from the poll list but not completed, causing a leak and preventing completion. The vulnerability is triggered when a poll request times out and is not finalized, leaving it in an i...

CVE-2022-49057

In the Linux kernel, the following vulnerability has been resolved: block: nullblk: end timed out poll request When poll request is timed out, it is removed from the poll list, but not completed, so the request is leaked, and never get chance to complete. Fix the issue by ending it in timeout...