548 matches found
SUSE CVE-2026-31454
In the Linux kernel, the following vulnerability has been resolved: xfs: save ailp before dropping the AIL lock in push callbacks In xfsinodeitempush and xfsqmdquotlogitempush, the AIL lock is dropped to perform buffer IO. Once the cluster buffer no longer protects the log item from reclaim, the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013711)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013711 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spinlockirqsave in adjustinuseandcalccost adjustinuseandcalccost use spinlockirq...
Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007040)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007040 advisory. In the Linux kernel, the following vulnerability has been resolved: media: rainshadow-cec: fix TOCTOU race condition in raininterrupt In the interrupt handler...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011304)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011304 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-iocost: use spinlockirqsave in adjustinuseandcalccost adjustinuseandcalccost use spinlockirq...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007254)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007254 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spinlockbh while releasing resources after upload The session resources are...
EUVD-2026-18659
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in durable v2 replay of active file handles parsedurablehandlecontext unconditionally assigns dhinfo-fp-conn to the current connection when handling a DURABLEREQV2 context with SMB2FLAGSREPLAYOPERATION...
EUVD-2026-15342
In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...
CVE-2026-23362
In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...
CVE-2026-23362 can: bcm: fix locking for bcm_op runtime updates
In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...
CVE-2026-23362
In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...
CVE-2026-23362
CVE-2026-23362 affects the Linux kernel component can/bcm locking during bcm_op runtime updates (bcm_tx_setup/bcm_rx_setup). Connected OSV records show Root (rootio-linux) has patched this CVE in Root:Debian:11/12/13 with multiple fixed versions across Debian/Ubuntu and Mageia advisories, indicat...
CVE-2026-23362 can: bcm: fix locking for bcm_op runtime updates
In the Linux kernel, the following vulnerability has been resolved: can: bcm: fix locking for bcmop runtime updates Commit c2aba69d0c36 "can: bcm: add locking for bcmop runtime updates" added a locking for some variables that can be modified at runtime when updating the sending bcmop with a new...
Build Serverless Functions with Zero Cold Starts: WebAssembly and Spin
...
DEBIAN-CVE-2026-3884
Versions of the package spin.js before 3.0.0 are vulnerable to Cross-site Scripting XSS via the spin function that allows a creation of more than 1 alert for each 'target' element. An attacker would need to set an arbitrary key-value pair on Object.prototype through a crafted URL achieving a...
Enhanced Security in Quantum Token Protocols Using Hybrid Spin-Photon Interfaces
Quantum token protocols enable unforgeable quantum tokens promising unconditional security beyond classical cryptographic assumptions. We show here that the three stages of the Quantum token protocols involving the preparation, storage and verification can be made more secure when involving...
CVE-2026-27887
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could return responses of unbounded size e.g. tables with many rows or large content bodies, Spin may in so...
CVE-2026-27887 Spin has memory leaks in various WIT interfaces
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could return responses of unbounded size e.g. tables with many rows or large content bodies, Spin may in so...
CVE-2026-27887
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could return responses of unbounded size e.g. tables with many rows or large content bodies, Spin may in so...
CVE-2026-27887
CVE-2026-27887 affects Spin and related components where buffering an entire response from a database or HTTP server can exhaust host memory, causing panics/crashes. The issue arises when a guest app inserts large numbers of rows or large content bodies and Spin buffers the full response before d...
EUVD-2026-8796
Spin is an open source developer tool for building and running serverless applications powered by WebAssembly. When Spin is configured to allow connections to a database or web server which could return responses of unbounded size e.g. tables with many rows or large content bodies, Spin may in so...