161 matches found
CVE-2026-53319
In the Linux kernel, the following vulnerability has been resolved: blk-wbt: remove WARNONONCE from wbtinitenabledefault wbtinitenabledefault uses WARNONONCE to check for failures from wbtalloc and wbtinit. However, both are expected failure paths: - wbtalloc can return NULL under memory pressure...
Linux Distros Unpatched Vulnerability : CVE-2026-53126
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg...
CVE-2026-53126
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg lookup, or blkgtryget fails, the function jumps to the out label whi...
EUVD-2026-38994
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg lookup, or blkgtryget fails, the function jumps to the out label whi...
CVE-2026-53126
CVE-2026-53126 corresponds to a Linux kernel fix for a disk reference leak in blkcg_maybe_throttle_current. The issue occurred when blkcg lookup, blkg lookup, or blkg_tryget() failed and control flowed to the error path; the code released only rcu_read_unlock() and failed to release the disk refe...
CVE-2026-53126 blk-cgroup: fix disk reference leak in blkcg_maybe_throttle_current()
In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: fix disk reference leak in blkcgmaybethrottlecurrent Add the missing putdisk on the error path in blkcgmaybethrottlecurrent. When blkcg lookup, blkg lookup, or blkgtryget fails, the function jumps to the out label whi...
PT-2026-52020
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A disk reference leak occurs in the blkcg maybe throttle current function. When blkcg lookup, blkg lookup, or blkg tryget fails, the function fails to call put disk on the error path. Th...
MAL-2026-5909 Malicious code in react-hook-use-debounce-throttle-12 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector b0a4d8a0470a3e7fcb2da7cdb29ba6412125924a486aa6f4a437ccfbeb5ca4af package.json declares a postinstall hook that runs node -e to issue an HTTPS request to the bare IP 8.140.205.78 on port 80 with all errors silently...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: scsi: mpi3mr: Fixed the throttlegroups memory leak. Added a missing kfree function...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blk-throttle: Fixed an access race issue during the activation of the throttle policy. Upon repeated cold boots, we occasionally encounter a NULL pointer crash in blkshouldthrotl, when checking the throttle policy before the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevented overflow during the calculation of wait time. There is a problem identified during code review in tgwithinbpslimit; the expression ‘bpslimit jiffyelapsedrnd’ might cause an overflow. This issue can be fixe...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: blk-throttle: The BIOTHROTTLED flag is set when bio is throttled. 1. In the current process, all bio instances will set the BIOTHROTTLED flag after the blkthrotlbio function is called. 2. If bio needs to be throttled, the time...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021637)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021637 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: account for free pages to prevent infinite Loop in throttledirectreclaim The task...
throttlestop-poc
throttlestop-poc This is a simple Proof-of-Concept that abuses...
EUVD-2026-26268
Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.0.0 to before version 4.14.4, Wazuh's server API brute-force protection for POST /security/user/authenticate can be bypassed by sending concurrent authentication requests. Although the...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013820)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013820 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code revie...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011156)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011156 advisory. In the Linux kernel, the following vulnerability has been resolved: blk-throttle: prevent overflow while calculating wait time There is a problem found by code revie...
The vulnerability of the tg_with_in_bps_limit() function in the block/blk-throttle.c module, which supports the block-level kernel support in the Linux operating system, allows a hacker to trigger a service failure.
The vulnerability of the tgwithinbpslimit function in the block/blk-throttle.c module, which supports the block-level kernel in the Linux operating system, is related to integer overflow. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2026-26742
PX4 Autopilot versions 1.12.x through 1.15.x contain a protection mechanism failure in the "Re-arm Grace Period" logic. The system incorrectly applies the in-air emergency re-arm logic to ground scenarios. If a pilot switches to Manual mode and re-arms within 5 seconds default configuration of an...
CVE-2026-26741
PX4 Autopilot versions 1.12.x through 1.15.x contain a logic flaw in the mode switching mechanism. When switching from Auto mode to Manual mode while the drone is in the "ARMED" state after landing and before the automatic disarm triggered by the COMDISARMLAND parameter, the system lacks a thrott...