10984 matches found
kernel: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete
A flaw was found in the Linux kernel's xfrm IPSec framework subsystem. This vulnerability, a use-after-free, occurs when the system incorrectly manages memory related to security policies, specifically during the deletion of xfrmstate lists. An attacker with local access could exploit this flaw b...
USN-8490-2 linux-realtime, linux-realtime-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8490-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
CVE-2026-14890 CVE-2026-14890
SGLang uses an expert-parallel backup subsystem that exposes a ZeroMQ PULL socket on a routable network interface that does not contain authentication or deserialization safeguards, allowing an attacker to provide a malicious pickle file that results in unauthenticated remote code execution when...
CVE-2026-14890
SGLang is vulnerable to unauthenticated remote code execution via its expert-parallel backup subsystem. The issue centers on a ZeroMQ PULL socket exposed on a routable network interface with no authentication or deserialization safeguards, allowing an attacker to send a malicious pickle payload t...
CVE-2026-14890 CVE-2026-14890
SGLang uses an expert-parallel backup subsystem that exposes a ZeroMQ PULL socket on a routable network interface that does not contain authentication or deserialization safeguards, allowing an attacker to provide a malicious pickle file that results in unauthenticated remote code execution when...
Ubuntu 24.04 LTS : Linux kernel (HWE) vulnerabilities (USN-8545-1)
"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8545-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...
Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-8547-1)
The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8547-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in...
kernel: netfilter: nf_conntrack_helper: pass helper to expect cleanup
A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nfconntrackhelper. When a connection tracking helper is unregistered, its associated expectations are not properly cleaned up. This oversight can lead to a use-after-free vulnerability, where the system attempts t...
USN-8547-1 linux-gcp-5.15, linux-intel-iotg-5.15 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
USN-8547-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - RISC-V architecture; - Cryptographic API; - InfiniBand drivers; - IOMMU subsystem; - Network drivers; -...
USN-8546-1 linux-raspi vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8545-1: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
USN-8545-1 linux-hwe-6.17 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - Block layer subsystem; - Cryptographic API; - DMA engine subsystem; - InfiniBand drivers; -...
SUSE-SU-2026:2997-1 Security update for the Linux Kernel (Live Patch 26 for SUSE Linux Enterprise 15 SP6)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.112 fixes various security issues The following security issues were fixed: - CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmcrelease bsc1264094. - CVE-2026-43037: ip6tunnel: clear skb2-cb in ip4ip6err bsc1265197. -...
CVE-2026-57968
Buffer over-read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally...
CVE-2026-57973
Time-of-check time-of-use toctou race condition in Windows Subsystem for Linux allows an authorized attacker to perform tampering locally...
CVE-2026-58632 Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
...
CVE-2026-58632
CVE-2026-58632 is a Windows Win32K use-after-free vulnerability in the Win32 Kernel Subsystem that could allow a locally authenticated attacker to escalate privileges. The CVE is described as a local elevation of privilege (no remote code execution). Public sources in the connected set consistent...