EUVD-2026-25456

In the Linux kernel, the following vulnerability has been resolved: net: macb: Use devconsumeskbany to free TX SKBs The napiconsumeskb function is not intended to be called in an IRQ disabled context. However, after commit 6bc8a5098bf4 "net: macb: Fix txptrlock locking", the freeing of TX SKBs is...

CVE-2026-31563

CVE-2026-31563 affects the Linux kernel macb network driver. The issue arises from freeing TX SKBs with napi_consume_skb() in IRQ-disabled context; a patch replaces it with dev_consume_skb_any() to avoid the warning trace and potential instability. All connected sources (NVD, SUSE, Red Hat, Debia...

CVE-2026-31542

CVE-2026-31542 affects the Linux kernel x86/platform/uv component. When a socket is deconfigured, it is mapped to SOCK_EMPTY (0xffff) instead of NUMA_NO_NODE, causing a panic during allocation of UV hub info structures and potentially DoS. The fixes patch the behavior to allocate on valid NUMA no...

EUVD-2026-25435

In the Linux kernel, the following vulnerability has been resolved: x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCKEMPTY 0xffff. This causes a panic while allocating UV hub info structures. Fix this by using NUMANONODE, allowing UV hub info structur...

CVE-2026-31539

In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

CVE-2026-31539

In the Linux kernel, the following vulnerability has been resolved: smb: smbdirect: introduce smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

CVE-2026-31537

In the Linux kernel, the following vulnerability has been resolved: smb: server: make use of smbdirectsocket.sendio.bcredits It turns out that our code will corrupt the stream of reassabled data transfer messages when we trigger an immendiate empty send. In order to fix this we'll have a single...

CVE-2026-31537

In the Linux kernel SMB server, CVE-2026-31537 arises from improper handling of smbdirect_socket.send_io.bcredits, which can corrupt the stream of reassembled data transfer messages when triggering an immediate (empty) send. The fix introduces a single batch credit per connection; code obtaining ...

EUVD-2026-25428

In the Linux kernel, the following vulnerability has been resolved: smb: client: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

CVE-2026-31535

In the Linux kernel, the following vulnerability has been resolved: smb: client: make use of smbdirectsocket.recvio.credits.available The logic off managing recv credits by counting posted recvio and granted credits is racy. That's because the peer might already consumed a credit, but between...

SUSE CVE-2026-31532

In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro-uniq use-after-free in rawrcv rawrelease unregisters raw CAN receive filters via canrxunregister, but receiver deletion is deferred with callrcu. This leaves a window where rawrcv may still be running in an RCU...

PT-2026-35012

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the NFC PN533 component where the pn532 receive buf function may fail to allocate a fresh receive buffer before consuming bytes. If the alloc skb function fails, the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a failure in DMA mapping in the altera-tse driver, resulting in the skb objects not being release...

EUVD-2026-25566

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...

PT-2026-34981

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the NFC LLCP component. In the functions nfc llcp recv hdlc and nfc llcp recv disc, when the socket state is LLCP CLOSED, the code calls release sock and...

Arianna 访问控制错误漏洞

Arianna is an open-source e-book reading tool developed by KDE’s GitHub mirror. Versions of Arianna prior to 26.04.1 contained a access control error vulnerability. This vulnerability stemmed from the bookserver’s ability to allow attackers to read files by guessing the socket connection to the U...

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Slurm vulnerability (USN-8197-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8197-1 advisory. It was discovered that Slurm did not properly handle access control when dealing with RPC traffic through PMI2 and PMIx, which could allow...

Linux Distros Unpatched Vulnerability : CVE-2026-31542

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - x86/platform/uv: Handle deconfigured sockets When a socket is deconfigured, it's mapped to SOCKEMPTY 0xffff. This causes a panic while allocating UV hub info...

buildah security update

1.41.8-3.0.1 - Drop nmap-ncat requirement and skip ignore-socket test case Orabug: 34117178 2:1.41.8-3 - rebuild for CVE-2026-34986 - Resolves: RHEL-165027...

CVE-2026-42095

bookserver in KDE Arianna before 26.04.1 allows attackers to read files over a socket connection by guessing a URL...