CVE-2026-46249 octeontx2-af: Fix PF driver crash with kexec kernel booting

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardware is not power-cycled, so AF state from the old kernel can persist into the new kernel. When AF and PF drivers are built as modules, the...

GHSA-HPV4-5H6F-WQR3 russh server userauth state is not reset when authentication principal changes

Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...

SUSE CVE-2026-46102

In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...

CVE-2026-46102

In the Linux kernel, the following vulnerability has been resolved: net: strparser: fix skbhead leak in strpabortstrp When the stream parser is aborted, for example after a message assembly timeout, it can still hold a reference to a partially assembled message in strp-skbhead. That skb is not...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: TLS: Handle the situation where data disappears from the receive queue under TLS ULP. TLS assumes that it owns the receive queue of the TCP socket. This assumption cannot be guaranteed if the reader of the TCP socket entered befo...

Astra Linux - уязвимость в firefox

When sharing geolocation during an active WebRTC share, Firefox may reset the WebRTC sharing state in the user interface, resulting in a loss of control over the currently granted permissions. This vulnerability affects Firefox versions earlier than 85...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: libceph: The state of sparse-read was reset in osdfault. When a fault occurs, the connection is abandoned, re-established, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a...

CVE-2026-3829

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wplebasicgetrequests' function in all versions up to, and including, 7.8.5.10. This makes...

PT-2026-40865

The WP Encryption – One Click Free SSL Certificate & SSL / HTTPS Redirect, Security & SSL Scan plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on the 'wple basic get requests' function in all versions up to, and including, 7.8.5.10. This...

Astra Linux - уязвимость в linux-5.15, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fixed a memory leak during the transition from D3hot to D0 If the variable ‘vfiopcicoredevice::needspmrestore’ is set i.e., the PCI device does not have the NoSoftReset bit set in its PMCSR configuration register, then...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to synchronize between BR and BV that are persistent across submits and w...

curl: libcurl stale CURLOPT_AUTOREFERER leaks a previous request URL to a different origin on a reused easy handle

Summary: libcurl keeps a stale data-state.referer after an HTTP redirect when CURLOPTAUTOREFERER is enabled. Curlhttpfollow stores the previous URL into data-state.referer at lib/http.c:1166-1189, and later requests reuse that value when building Referer: at lib/http.c:2954-2957. In my local...

UBUNTU-CVE-2026-23136

In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osdfault When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a separate stat...

CVE-2026-23136 libceph: reset sparse-read state in osd_fault()

In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osdfault When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a separate stat...

PT-2026-8131

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the libceph component of the Linux kernel where the sparse-read state is not properly reset in the osd fault function when a connection fault occurs. This can lead to th...

CVE-2025-38616

In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses...

CVE-2025-38616 tls: handle data disappearing from under the TLS ULP

In the Linux kernel, the following vulnerability has been resolved: tls: handle data disappearing from under the TLS ULP TLS expects that it owns the receive queue of the TCP socket. This cannot be guaranteed in case the reader of the TCP socket entered before the TLS ULP was installed, or uses...

CVE-2025-38616

CVE-2025-38616 (Linux kernel TLS ULP issue) affects the kernel TLS path handling data that may disappear from under the TLS ULP when the socket reader predated TLS installation or uses non-standard read APIs. The bug could lead to an out-of-bounds read or TLS state corruption if data is partially...

Linux Distros Unpatched Vulnerability : CVE-2025-38188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm/a7xx: Call CPRESETCONTEXTSTATE Calling this packet is necessary when we switch contexts because there are various pieces of state used by userspace to...

kernel: drm/vmwgfx: Unmap the surface before resetting it on a plane state

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Unmap the surface before resetting it on a plane state Switch to a new plane state requires unreferencing of all held surfaces. In the work required for mob cursors the mapped surfaces started being cached but the...