14 matches found
CVE-2026-42276
Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...
CVE-2026-42276
Onyx has an IDOR vulnerability in POST /chat/stop-chat-session/{chat_session_id}. Authenticated users can stop other users’ active chat sessions because the endpoint authenticates the caller but does not verify that the session belongs to them. An attacker knowing a chat_session_id can interrupt ...
CVE-2026-42276
Onyx is an open-source AI platform. Prior to versions 3.0.9, 3.1.6, and 3.2.6, the POST /chat/stop-chat-session/chatsessionid endpoint lets any authenticated user stop any other user's active chat session. The endpoint checks authentication but never verifies the session belongs to the caller. An...
PT-2026-38660
Name of the Vulnerable Software and Affected Versions Onyx versions prior to 3.0.9 Onyx versions prior to 3.1.6 Onyx versions prior to 3.2.6 Description An issue in the AI platform allows an authenticated user to terminate another user's active chat session. The endpoint...
SUSE CVE-2026-43217
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
Linux Distros Unpatched Vulnerability : CVE-2026-43217
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will...
EUVD-2026-27779
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
CVE-2026-43217
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
CVE-2026-43217
CVE-2026-43217 affects the Linux kernel, specifically the media: iris: gen2 component. The issue occurs in iris_kill_session where inst->state is set to IRIS_INST_ERROR and session_close frees inst_hfi_gen2->packet; if stop_streaming is called afterward, a crash may occur. The published fix...
CVE-2026-43217
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
CVE-2026-43217
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
CVE-2026-43217 media: iris: gen2: Add sanity check for session stop
In the Linux kernel, the following vulnerability has been resolved: media: iris: gen2: Add sanity check for session stop In iriskillsession, inst-state is set to IRISINSTERROR and sessionclose is executed, which will kfreeinsthfigen2-packet. If stopstreaming is called afterward, it will cause a...
DEBIAN-CVE-2025-39692
In the Linux kernel, the following vulnerability has been resolved: smb: server: split ksmbdrdmastoplistening out of ksmbdrdmadestroy We can't call destroyworkqueuesmbdirectwq; before stopsessions! Otherwise already existing connections try to use smbdirectwq as a NULL pointer...
How to Start a SureBackup Job in Troubleshooting Mode
Purpose This article documents how to start an individual VM that has failed SureBackup validation in "Troubleshooting mode." Solution Troubleshooting Mode causes the selected VM in the SureBackup job to be powered on and remains on, despite possible test failures. This can be very useful for...