632 matches found
GHSA-CWFQ-RFCR-8HMP Zebra's Transparent SIGHASH_SINGLE Handling Diverges from zcashd for Corresponding Outputs
Zebra Transparent SIGHASHSINGLE Corresponding-Output Handling Diverges From zcashd Summary For V5+ transparent spends, Zebra and zcashd disagree on the same consensus rule: SIGHASHSINGLE must fail when the input index has no corresponding output. zcashd treats this as consensus-invalid under...
Zebra's Transparent SIGHASH_SINGLE Handling Diverges from zcashd for Corresponding Outputs
Zebra Transparent SIGHASHSINGLE Corresponding-Output Handling Diverges From zcashd Summary For V5+ transparent spends, Zebra and zcashd disagree on the same consensus rule: SIGHASHSINGLE must fail when the input index has no corresponding output. zcashd treats this as consensus-invalid under...
CVE-2026-43241 ntb: ntb_hw_switchtec: Fix array-index-out-of-bounds access
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...
CVE-2026-43241
In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...
CVE-2026-31662
A flaw was found in the Linux kernel's Transparent Inter-Process Communication TIPC protocol. An attacker can exploit an integer underflow vulnerability by sending duplicate group acknowledgment messages GRPACKMSG. This causes the bcackers counter to wrap around, leading to persistent network...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a overflow in bcackers within tipc, potentially leading to broadcast blocking...
Rosemary 1.0.3
Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...
CVE-2026-31517
A flaw was found in the Linux kernel's IP-TFS IP-Transparent Fragmentation Service subsystem. A remote attacker could send specially crafted network packets that, during the reassembly process, cause the kernel to attempt an invalid operation on a network buffer. This improper handling of network...
Rosemary 1.0.2
Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...
Rosemary 1.0.1
Rosemary is a cross-platform transparent tunneling platform designed for network pivoting. Unlike traditional tools that rely on TUN/TAP interfaces or require per-application proxy configuration like proxychains, Rosemary intercepts traffic at the kernel level...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007288)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007288 advisory. In the Linux kernel, the following vulnerability has been resolved: NTB: fix possible name leak in ntbregisterdevice If deviceregister fails in ntbregisterdevice, th...
Incident response for AI: Same fire, different fuel
In this article 1. The fundamentals still hold 2. Where AI changes the equation 3. Closing the gaps in telemetry, tooling, and response 4. The human dimension 5. Looking ahead When a traditional security incident hits, responders replay what happened. They trace a known code path, find the defect...
SUSE CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
A flaw was found in the Linux kernel's Transparent Huge Pages THP mechanism. This vulnerability occurs because the filethpenabled function incorrectly allows THP for files on anonymous inodes, which are not designed for this feature. An attacker could potentially exploit this by manipulating...
EUVD-2026-15365
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
UBUNTU-CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
In the Linux kernel, the following vulnerability has been resolved: mm: thp: deny THP for files on anonymous inodes filethpenabled incorrectly allows THP for files on anonymous inodes e.g. guestmemfd and secretmem. These files are created via allocfilepseudo, which does not call getwriteaccess an...
CVE-2026-23375
CVE-2026-23375 (Linux kernel THP for anonymous inodes) – concrete details in connected docs : The issue arises from file_thp_enabled() incorrectly allowing/thp collapse for anonymous inodes created via alloc_file_pseudo() (e.g., guest_memfd, secretmem), enabling khugepaged/MADV_COLLAPSE exploits ...