CVE-2026-46044

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

CVE-2026-46044

The CVE-2026-46044 entry concerns the Linux kernel’s ipmi:ssif path. Affected component is the ssif kthread used during IPMI interface initialization. The issue occurs when an error happens after the ssif kthread is created but before the main IPMI code starts the ssif interface, leading to the k...

CVE-2026-46044 ipmi:ssif: Clean up kthread on errors

In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Clean up kthread on errors If an error occurs after the ssif kthread is created, but before the main IPMI code starts the ssif interface, the ssif kthread will not be stopped. So make sure the kthread is stopped on an...

CVE-2026-45961

The CVE-2026-45961 entry concerns the Linux kernel gfs2 subsystem. It fixes two memory leaks in gfs2_fill_super() error paths when transitioning a filesystem to read-write mode: (1) kernel thread objects (logd/quotad) leaked if gfs2_freeze_lock_shared() fails after init_threads(), because fail_pe...

CVE-2026-45961 gfs2: fix memory leaks in gfs2_fill_super error path

In the Linux kernel, the following vulnerability has been resolved: gfs2: fix memory leaks in gfs2fillsuper error path Fix two memory leaks in the gfs2fillsuper error handling path when transitioning a filesystem to read-write mode fails. First leak: kthread objects threadstruct, taskstruct, etc...

CVE-2026-45949

The CVE concerns the Linux kernel hwrng subsystem. A race in hwrng_fill/hwrng_fillfn could cause use-after-free when unregistering while a fill thread is pending, or immediately after registration, leading to dead/unsafe cleanup of the hwrng_fill pointer. The fix serializes thread start/stop with...

CVE-2026-45888

The Linux kernel md/raid1 subsystem fixes a memory leak in raid1_run. When setup_conf() registers a thread via md_register_thread() and raid1_set_limits() fails, the error path previously didn’t unregister the thread, leaking md_thread and the thread resource. The patch adds md_unregister_thread(...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the gfs2 file system’s gfs2fillsuper function. The improper handling of this function, particular...

PT-2026-43828

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the gfs2 fill super error handling path when transitioning a filesystem to read-write mode fails. The first leak involves kthread objects, such as thread struct and...

PT-2026-44115

Name of the Vulnerable Software and Affected Versions pam usb versions prior to 0.9.0 Description This issue occurs in the deny remote feature of the PAM module, which is loaded into host processes such as sudo, login, GDM, and GNOME Shell. In multi-threaded environments like GDM, three functions...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition between the cleanup of the hwrngfill function and the thread termination in the...

PT-2026-43755

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the raid1 run function. This function calls setup conf, which registers a thread using md register thread. If the raid1 set limits function fails, the registered...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error that occurs after creating a kthread but without stopping that thread...

CVE-2026-46044

ipmi:ssif: Clean up kthread on errors...

PT-2026-43816

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the hardware random number generator hwrng core. The hwrng fill pointer is not cleared until the hwrng fillfn thread exits. Because hwrng unregister reads hwrn...

PT-2026-43917

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A deadlock occurs in the md/raid10 module during an array check operation when NOWAIT requests are processed. When a check is running, the system raises a barrier that blocks normal...

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

freerdp: FreeRDP: Denial of service due to use-after-free vulnerability

A flaw was found in FreeRDP. A remote attacker could exploit a use-after-free vulnerability in the xfSetWindowMinMaxInfo function. This occurs when a freed window pointer is dereferenced because the main thread concurrently deletes a window while the Remote Desktop Protocol RAIL channel thread is...

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...