SUSE CVE-2026-45942

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

EUVD-2026-32226

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

CVE-2026-45942 ext4: fix e4b bitmap inconsistency reports

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

CVE-2026-45942

Summary of CVE-2026-45942 : A race condition in the Linux kernel ext4 bitmap handling enables inconsistent bitmap reporting due to concurrent page migration and bitmap modification in the load_buddy path. The root cause is that the fast load_buddy path only increments the folio refcount and can o...

PT-2026-43809

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4 mb complex scan group:2508: gro...

CVE-2024-14027

In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path In the Linux kernel, the fremovexattr syscall calls fdget to acquire a file reference but returns early without calling fdput when strncpyfromuser fails on the name argument. In...

Characterizing and Modeling the GitHub Security Advisories Review Pipeline

GitHub Security Advisories GHSA have become a central component of open-source vulnerability disclosure and are widely used by developers and security tools. A distinctive feature of GHSA is that only a fraction of advisories are reviewed by GitHub, while the mechanisms associated with this revie...

CVE-2024-6437

On affected platforms running Arista EOS with one of the following features configured to redirect IP traffic to a next hop: policy-based routing PBR, BGP Flowspec, or interface traffic policy -- certain IP traffic such as IPv4 packets with IP options may bypass the feature's set nexthop action a...

CVE-2024-6437

CVE-2024-6437 affects Arista EOS when policy-based routing (PBR), BGP Flowspec, or interface traffic policy is configured to redirect traffic to a next hop. The issue causes certain IPv4 packets (e.g., with IP options) to bypass the configured nexthop and be slow-path forwarded by the kernel to t...

Arista EOS 安全漏洞

Arista EOS is a fully programmable, highly modular, Linux-based network operating system from Arista Corporation. A security vulnerability exists in Arista EOS that stems from On affected platforms running Arista EOS, if some features are configured to redirect IP traffic to the next hop may bypa...

DEBIAN-CVE-2024-44943

In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...

CVE-2024-44943 mm: gup: stop abusing try_grab_folio

In the Linux kernel, the following vulnerability has been resolved: mm: gup: stop abusing trygrabfolio A kernel warning was reported when pinning folio in CMA memory when launching SEV virtual machine. The splat looks like: 464.325306 WARNING: CPU: 13 PID: 6734 at mm/gup.c:1313...

CVE-2024-43878

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix input error path memory access When there is a misconfiguration of input state slow path KASAN report error. Fix this error. west login: 52.987278 eth1: renamed from veth11 53.078814 eth1: renamed from veth21 53.181355...

PT-2024-30735 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.10.2 Description: The issue is related to a misconfiguration of the input state slow path in the Linux kernel, which causes a KASAN report error. This error occurs due to a wild-memory-access in the xfrmi rcv ...

kernel: nf_tables: use-after-free vulnerability in the nft_verdict_init() function

A flaw was found in the Netfilter subsystem in the Linux kernel. This issue occurs in the nftverdictinit function, allowing positive values as a drop error within the hook verdict, therefore, the nfhookslow function can cause a double-free vulnerability when NFDROP is issued with a drop error tha...

SUSE CVE-2024-26826

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it first try to check...

DEBIAN-CVE-2024-26826

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it first try to check...

kernel: net: preserve skb_end_offset() in skb_unclone_keeptruesize()

In the Linux kernel, the following vulnerability has been resolved: net: preserve skbendoffset in skbunclonekeeptruesize syzbot found another way to trigger the infamous WARNONONCEdelta truesize value, we also need to make sure TCP wont fill new tailroom that pskbexpandhead was able to get from a...

Cisco IOS XR Software Slow Path Forwarding Denial of Service Vulnerability

A vulnerability in the egress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers and Cisco Network Convergence System NCS 5000 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an...