1540 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-53332
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is...
CVE-2026-53332
A flaw was found in the Linux kernel's Qualcomm NGD Next Generation Display controller qcom-ngd-ctrl component. This vulnerability arises from a race condition where callbacks are registered before the NGD device is fully initialized. This can lead to the callbacks operating on uninitialized data...
CVE-2026-53347
A flaw was found in the Linux kernel's drm/virtio driver. When the virtio-gpu driver is configured with Kernel Mode Setting KMS disabled, the display-related atomic and modesetting components are not properly initialized. This can lead to the system attempting to access uninitialized data during...
UBUNTU-CVE-2026-53347
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...
CVE-2026-53347
CVE-2026-53347 affects the Linux kernel’s drm/virtio component (virtio-gpu) when built with KMS disabled. The issue: DRM atomic and modesetting aren’t initialized during driver removal/unbinding, leading to access of uninitialized data and possible kernel crash. The fix: skip shutting down the at...
EUVD-2026-40981
In the Linux kernel, the following vulnerability has been resolved: drm/virtio: Fix driver removal with disabled KMS DRM atomic and modesetting aren't initialized if virtio-gpu driver built with disabled KMS, leading to access of uninitialized data on driver removal/unbinding and crashing kernel...
EUVD-2026-40966
In the Linux kernel, the following vulnerability has been resolved: slimbus: qcom-ngd-ctrl: Register callbacks after creating the ngd When the remoteproc starts in parallel with the NGD driver being probed, or the remoteproc is already up when the PDR lookup is being registered, or in the...
CVE-2026-53167
A flaw was found in the Linux kernel's FUSE Filesystem in Userspace component. The FUSENOTIFYRETRIEVE operation did not properly restrict access to up-to-date folios, potentially allowing the exposure of uninitialized data from the page cache. This information disclosure vulnerability could allow...
SUSE CVE-2026-53167
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
CVE-2026-53082
A flaw was found in the 6pack hamradio driver within the Linux kernel. This vulnerability occurs because the system does not properly handle data with communication errors, causing it to process uninitialized information. An attacker with local access could potentially exploit this to gain...
RLSA-2023:2851 Moderate: freerdp security update
FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Security Fixes: freerdp: clients using /parallel command line switch might read...
freerdp security update
An update is available for freerdp. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released...
CVE-2026-53218
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftexthdr: fix register tracking for FPRESENT flag nftexthdrinit passes user-controlled priv-len to nftparseregisterstore, which marks that many bytes in the register bitmap as initialized. However, when...
CVE-2026-53167
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
UBUNTU-CVE-2026-53167
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
CVE-2026-53218
CVE-2026-53218 affects the Linux kernel netfilter nft_exthdr path. The root cause is a mismatch in register initialization: nft_exthdr_init() passes priv->len to nft_parse_register_store(), which marks that many bytes as initialized, but when NFT_EXTHDR_F_PRESENT is set the eval paths write on...
CVE-2026-53167 fuse: limit FUSE_NOTIFY_RETRIEVE to uptodate folios
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
EUVD-2026-39258
In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...
CVE-2026-53167
CVE-2026-53167 affects the Linux kernel’s FUSE path: FUSE_NOTIFY_RETRIEVE must be limited to uptodate folios since !uptodate folios may contain uninitialized data. The vulnerability is scoped to systems without automatic page-alloc zero init (CONFIG_INIT_ON_ALLOC_DEFAULT_ON or init_on_alloc=1). E...
PT-2026-52263
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the fuse module where FUSE NOTIFY RETRIEVE is not limited to uptodate folios. Because FUSE NOTIFY RETRIEVE is designed to return data already present in the page cache...