CVE-2026-53277

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Take the SRCU lock for page table walks in fault injection and AT emulation walks1 and kvmwalknesteds2 expect to be called while holding kvm-srcu to guard against memslot changes. While this is generally the case,...

EUVD-2026-32796

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot reported a KMSAN uninit-value issue in hfsplusstrcasecmp. The root cause is that hfsbrecread doesn't validate that the on-disk record size matches the expected si...

Security update for salt

This update for salt fixes the following issues: Security issues fixed: CVE-2025-67724: Fixed missing validation of supplied reason phrase bsc1254903 CVE-2025-67725: Fixed DoS via malicious HTTP request bsc1254905 CVE-2025-67726: Fixed HTTP header parameter parsing algorithm bsc1254904...

Tape::take_bytes exposes uninitialized memory to a user-provided Read

Affected versions of this crate passed an unininitialized buffer to a user-provided Read instance in Tape::takebytes. This can result in safe Read implementations reading from the uninitialized buffer leading to undefined behavior. The flaw was corrected in commit 1f2dc7f37dd by removing the unsa...