3354 matches found
EUVD-2026-25443
In the Linux kernel, the following vulnerability has been resolved: pmdomain: bcm: bcm2835-power: Increase ASB control timeout The bcm2835_asb_control() function uses a tight polling loop to wait for the ASB bridge to acknowledge a request. During intensive workloads, this handshake intermittently...
CVE-2026-31550
CVE-2026-31550 is a Linux kernel issue in the bcm2835-power component. The bcm2835_asb_control() polling loop could fail to properly disable the V3D master ASB on BCM2711 under heavy workloads, leaving the V3D in a broken state and potentially causing bus faults or system hangs. The mitigation in...
Linux Distros Unpatched Vulnerability : CVE-2026-31550
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pmdomain: bcm: bcm2835-power: Increase ASB control timeout The bcm2835_asb_control() function uses a tight polling loop to wait for the ASB bridge to acknowledge a...
Linux kernel security vulnerability
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the reuse of timeout objects after their release in nft_ct, potentially leading to memory corrupti...
PT-2026-34902
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The bcm2835_asb_control() function employs a tight polling loop to wait for the ASB bridge to acknowledge a request. Under intensive workloads, this handshake can intermittently fail for t...
Fedora 43 : rpki-client (2026-27892c9184)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-27892c9184 advisory. rpki-client 9.8 - Various refactoring for improved compatibility with various libcrypto implementations and in CA/BGPsec certificate handling. - Fixed an...
PT-2026-35017
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the netfilter nft_ct component. The function nft_ct_timeout_obj_destroy frees the timeout object using kfree immediately after nf_ct_untimeout, without...
CVE-2026-35225 Improper timeout handling in CODESYS EtherNetIP
An unauthenticated remote attacker is able to exhaust all available TCP connections in the CODESYS EtherNet/IP adapter stack, preventing legitimate clients from establishing new connections...
CVE-2026-35225
Summary of CVE-2026-35225 (CODESYS EtherNet/IP adapter stack): An unauthenticated remote attacker can exhaust all TCP connections, preventing legitimate clients from establishing new connections. Root cause cited in reports is improper timeout handling during connection management. Impact stated...
[SECURITY] Fedora 43 Update: sudo-1.9.17-7.p2.fc43
Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...
EUVD-2026-24735
A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle...
CVE-2026-6848
A flaw was found in Red Hat Quay. When Red Hat Quay requests password re-verification for sensitive operations, such as token generation or robot account creation, the re-authentication prompt can be bypassed. This allows a user with a timed-out session, or an attacker with access to an idle...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013668)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013668 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential stack-out-of-bounds write in ath9k_wmi_rsp_callback() Fix a...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013625)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013625 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523_cmd() timed out syzkaller reported use-after-free with th...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013497)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013497 advisory. A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local...
CVE-2026-40939
The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired. This...
CVE-2026-40939 DSF: Missing Session Timeout for OIDC Sessions
The Data Sharing Framework (DSF) implements a distributed process engine based on the BPMN 2.0 and FHIR R4 standards. Prior to 2.1.0, OIDC-authenticated sessions had no configured maximum inactivity timeout. Sessions persisted indefinitely after login, even after the OIDC access token expired. This...