533 matches found
OPENSUSE-SU-2026:21222-1 Security update for systemd
This update for systemd fixes the following issues: Changes in systemd: - Better handle TLS allocation failure bsc1254924. - Disable mounting debugfs by default jscPED-8812. - Import commit 9e8b5afe0fb2061f4a17a3022469dd62f2683960 bsc1267647 bsc1267644 bsc1262305 bsc1263117. - Move systemd-pcrloc...
CVE-2026-13595
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
EUVD-2026-40053
A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, urbselectinterface could free the device’s MS config upon an error, but subsequent code still dereferenced it, resulting in a use after free in libusbudevselectinterface. This vulnerability has been fixed in...
Astra Linux – Vulnerability in freerdp3
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.22.0, the URBDRC client used server-supplied interface numbers as array indices without bounds checks, resulting in a out-of-bounds read in libusbudevselectinterface. This vulnerability has been fixed in version...
MGASA-2026-0208 Updated libinput packages fix security vulnerability
In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...
OESA-2026-2628 libinput security update
libinput is a library to handle input devices in Wayland compositors and to provide a generic X.Org input driver.It provides device detection, device handling, input device event processing and abstraction so minimize the amount of custom input code compositors need to provide the common set of...
[SECURITY] [DSA 6339-1] libinput security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6339-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 11, 2026 https://www.debian.org/security/faq -...
SUSE CVE-2026-50292
In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution...
Fedora 44 : libinput (2026-5e2446b30f)
The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-5e2446b30f advisory. libinput 1.31.3, fixes a udev property inject via uinput devices that can lead to local privilege escalation Tenable has extracted the preceding description...
CVE-2026-50265
Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...
UBUNTU-CVE-2026-50265
Rejected reason: This CVE ID was assigned as a duplicate of CVE-2026-50292...
EUVD-2026-34795
A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...
CVE-2026-50265
...
CVE-2026-50265
...
CVE-2026-50265
CVE-2026-50265 describes a local privilege escalation in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties via the libinput-device-group helper, which can lead to root code execution (e.g., through REMOVE_CMD properties executed when a device is removed). ...
CVE-2026-50265
This CVE ID was assigned as a duplicate of CVE-2026-50292...
CVE-2026-50265
A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...
Linux Distros Unpatched Vulnerability : CVE-2026-50265
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This...
libinput 安全漏洞
libinput is an open-source library from freedesktop. It provides a complete input stack for applications that need to handle input devices provided by the kernel. There is a security vulnerability in libinput, which stems from the ability to inject arbitrary udev properties through the...