CVE-2026-23138

In CVE-2026-23138, the Linux kernel fixes an infinite recursion bug triggered when tracing the RCU events with the stack-trace trigger enabled. The patch expands ftrace recursion protection by adding a set of bits to protect events from recursion across contexts (normal, softirq, interrupt, and N...

Linux Distros Unpatched Vulnerability : CVE-2026-23138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kerne...

Grafana has a Cross-site Scripting issue

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

GHSA-CQP7-WF4C-3XGC Grafana has a Cross-site Scripting issue

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

OSV-2026-196 Null-dereference READ in ubsan_GetStackTrace

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=481752521 Crash type: Null-dereference READ Crash state: ubsanGetStackTrace...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper use of the synthetic stack trace field, potentially leading to kernel crashes...

UBUNTU-CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005172)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005172 advisory. In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix regression with module command in stacktracefilter When executing the following...

CVE-2022-31189

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...

PT-2026-8133

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to kernel stack trace recording. An infinite recursion could occur when tracing RCU events with the kernel stack trace trigger enabled, as the...

SUSE CVE-2025-68378

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN slab-out-of-bounds write in bpfgetstackid when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack...

EUVD-2025-205076

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN slab-out-of-bounds write in bpfgetstackid when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack...

CVE-2025-68378

CVE-2025-68378 is a Linux kernel vulnerability affecting BPF stack map handling. The issue was a stackmap overflow check in __bpf_get_stackid(), where copying stack traces could write out of bounds when the perf trace contained more stack entries than the stack map bucket could hold. Syzkaller re...

CVE-2025-68378 bpf: Fix stackmap overflow check in __bpf_get_stackid()

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN slab-out-of-bounds write in bpfgetstackid when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack...

CVE-2022-50686 Kentico Xperience <= 12.0 Portal Engine Form Control Information Disclosure

An information disclosure vulnerability in Kentico Xperience allows attackers to view sensitive stack trace details via Portal Engine form control error messages. Detailed error messages can expose internal system information and potentially reveal implementation details to unauthorized users...

CVE-2025-9122

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

EUVD-2025-203808

In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: unwindonce+0x1c/0x5c...

UBUNTU-CVE-2025-68322

In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: unwindonce+0x1c/0x5c...

CVE-2025-9122

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

CVE-2025-9122 Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...