CVE-2026-10299

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: do not leak PM reference in the error path. If gpminfcapplytimings fails, the PM runtime usage counter must be dropped...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2bttimings blanking fields in order to avoid integer overflows when the user space passes strange values. However, this...

CVE-2026-43477

In the Linux kernel, the following vulnerability has been resolved: drm/i915/vrr: Configure VRR timings after enabling TRANSDDIFUNCCTL Apparently ICL may hang with an MCE if we write TRANSVRRVMAX/FLIPLINE before enabling TRANSDDIFUNCCTL. Personally I was only able to reproduce a hang on an Dell X...

EUVD-2026-27661

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...

CVE-2026-43264

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...

CVE-2026-43264

The CVE-2026-43264 issue affects the Linux kernel fbdev subsystem, specifically in of_get_display_timings() where of_parse_phandle() returns a device_node with an incremented refcount. On certain error paths, native_mode’s refcount isn’t decremented, causing a refcount leak and potential resource...

CVE-2026-43264 fbdev: of: display_timing: fix refcount leak in of_get_display_timings()

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...

CVE-2026-43264

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...

CVE-2026-43264

In the Linux kernel, the following vulnerability has been resolved: fbdev: of: displaytiming: fix refcount leak in ofgetdisplaytimings ofparsephandle returns a devicenode with refcount incremented, which is stored in 'entry' and then copied to 'nativemode'. When the error paths at lines 184 or 19...

PT-2026-37604

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A refcount leak exists in the of get display timings function within the fbdev component. The of parse phandle function returns a device node with an incremented reference count, which i...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

A memory leak flaw, along with potential division by zero and integer overflow issues, have been detected in the Linux kernel’s V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as the VIDIOCSDVTIMINGS ioctl. This could allow a local user to crash the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010993)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010993 advisory. In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in oflpddr3getddrtimings We should add the ofnodeput when...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005621)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005621 advisory. In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in oflpddr3getddrtimings We should add the ofnodeput when...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004843)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004843 advisory. In the Linux kernel, the following vulnerability has been resolved: memory: of: Fix refcount leak bug in ofgetddrtimings We should add the ofnodeput when breaking ou...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993269 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/sun4i: dsi: Prevent underflow when computing packet sizes Currently, the packet overhead is...

​​Whisper Leak: A novel side-channel attack on remote language models

Microsoft has discovered a new type of side-channel attack on remote language models. This type of side-channel attack could allow a cyberattacker a position to observe your network traffic to conclude language model conversation topics, despite being end-to-end encrypted via Transport Layer...

​​Whisper Leak: A novel side-channel attack on remote language models

Microsoft has discovered a new type of side-channel attack on remote language models. This type of side-channel attack could allow a cyberattacker a position to observe your network traffic to conclude language model conversation topics, despite being end-to-end encrypted via Transport Layer...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988821)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988821 advisory. In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verif...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990152)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990152 advisory. In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verif...