SUSE CVE-2025-71314

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

EUVD-2025-210057

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthorgpuflushcaches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can recov...

PT-2026-45985

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Recover from panthor gpu flush caches failures We have seen a few cases where the whole memory subsystem is blocked and flush operations never complete. When that happens, we want to: - schedule a reset, so we can...

OPENSUSE-SU-2026:20878-1 Security update for sdbootutil

This update for sdbootutil fixes the following issues Security issue: - CVE-2026-25701: use of fixed directory /tmp/pcrlock.d.back in sdbootutil-update-predictions.service bsc1258241. Non security issues: Update to version 1+git20260506.25d47bf: - TPM based system does not auto-unlock encryption...

Fedora 45 : tailscale (2026-c3b7c062a3)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c3b7c062a3 advisory. Automatic update for tailscale-1.98.4-1.fc45. Changelog Sun May 31 2026 Jonathan Wright - 1.98.4-1 - update to 1.98.4 - Allow nftables to satisfy...

CVE-2026-10190 Tenda W12 Web Management httpd cgiSysWebTimeoutSet denial of service

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

CVE-2026-10190

CVE-2026-10190 affects Tenda W12 3.0.0.7(4763). The Web Management Interface contains a vulnerable function: cgiSysWebTimeoutSet in /bin/httpd. Manipulating the argument web_over_time triggers a denial of service. The vulnerability is exploitable remotely, and public exploit code exists. The prov...

CVE-2026-10190 Tenda W12 Web Management httpd cgiSysWebTimeoutSet denial of service

A vulnerability was found in Tenda W12 3.0.0.74763. This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the argument webovertime results in denial of service. It is possible to launch the attack remotely. The...

GHSA-XJHV-PP2R-6F82 BoxLite has a Timeout Bypass Vulnerability

Summary BoxLite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. BoxLite allows users to configure a timeout for services running inside the virtual machine. When the timeout is triggered, BoxLite sends a signal to kill the...

BoxLite has a Timeout Bypass Vulnerability

Summary BoxLite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. BoxLite allows users to configure a timeout for services running inside the virtual machine. When the timeout is triggered, BoxLite sends a signal to kill the...

PT-2026-45035

Summary BoxLite is a sandbox service that allows users to create lightweight virtual machines Boxes and run OCI containers within them. BoxLite allows users to configure a timeout for services running inside the virtual machine. When the timeout is triggered, BoxLite sends a signal to kill the...

SUSE CVE-2026-45871

In the Linux kernel, the following vulnerability has been resolved: tpm: st33zp24: Fix missing cleanup on getburstcount error getburstcount can return -EBUSY on timeout. When this happens, st33zp24send returns directly without releasing the locality acquired earlier. Use goto outerr to ensure...

SUSE CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

SUSE CVE-2026-45955

In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpuref not resurrected on suspend timeout When llbitmapsuspendtimeout times out waiting for percpuref to become zero, it returns -ETIMEDOUT without resurrecting the percpuref. The caller mdllbitmapdaemonfn...

SUSE CVE-2026-46073

In the Linux kernel, the following vulnerability has been resolved: hwmon: powerz Fix missing usbkillurb on signal interrupt waitforcompletioninterruptibletimeout returns -ERESTARTSYS when interrupted. This needs to abort the URB and return an error. No data has been received from the device so a...

CVE-2026-45941

A flaw was found in the Linux kernel's tpmi2cinfineon module. This vulnerability occurs when the getburstcount function fails due to a timeout, causing the system to not release an acquired locality. An attacker could potentially exploit this to cause a resource exhaustion, leading to a Denial of...

Linux Distros Unpatched Vulnerability : CVE-2026-45955

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: md/md-llbitmap: fix percpuref not resurrected on suspend timeout When llbitmapsuspendtimeout...

CVE-2026-45955

A flaw was found in the Linux kernel's md/md-llbitmap component. This vulnerability occurs when a suspend operation times out, failing to properly reset a critical internal reference. This oversight leaves the system's page control structure in an unusable state. This issue can lead to system...

CVE-2026-46073

A flaw was found in the Linux kernel's hwmon subsystem, specifically within the powerz driver. When a signal interrupt occurs during the waitforcompletioninterruptibletimeout function, the system fails to properly abort the USB Request Block URB. This oversight can lead to the kernel attempting t...

CVE-2026-46102

A flaw was found in the Linux kernel's network stream parser. This vulnerability occurs when the stream parser is unexpectedly stopped, such as during a message assembly timeout. A partially processed network message is not properly released from memory, leading to a memory leak. An attacker coul...