CVE-2026-31405

In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The ulemandatoryexthandlers and uleoptionalexthandlers tables in handleoneuleextension are declared with 255 elements valid indices 0-254, but the index htype is deriv...

CVE-2026-30078

OpenAirInterface V2.2.0 AMF crashes when it receives an NGAP message with an invalid procedure code or invalid PDU-type, e.g., a message that requires InitiatingMessage but is sent as a successfulOutcome. This is the affected component and the underlying issue is improper handling of NGAP message...

EUVD-2026-18675

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...

EUVD-2026-18664

In the Linux kernel, the following vulnerability has been resolved: iommu/sva: Fix crash in iommusvaunbinddevice domain-mm-iommumm can be freed by iommudomainfree: iommudomainfree mmdrop mmdrop mmpasiddrop After iommudomainfree returns, accessing domain-mm-iommumm may dereference a freed mm...

CVE-2026-23429

A flaw was found in the Linux kernel. Specifically, within the input/output memory management unit IOMMU subsystem, a memory management error can occur. When the iommusvaunbinddevice function is called, it may attempt to access a memory area that has already been freed. This can lead to a system...

CVE-2026-31398

A flaw was found in the Linux kernel's memory management unit MMU. A local user could exploit this vulnerability by manipulating memory operations, leading to incorrect page table entry PTE restoration for lazyfree folios during batch unmapping. This issue can cause memory pages with mixed writab...

CVE-2026-23435

A flaw was found in the Linux kernel's performance monitoring unit PMU subsystem. A race condition can occur during the unthrottling of performance events, leading to a mismatch between active performance counters and their corresponding event pointers. This can result in a NULL pointer dereferen...

CVE-2026-23432

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix use-after-free in mshvmapusermemory error path In the error path of mshvmapusermemory, calling vfree directly on the region leaves the MMU notifier registered. When userspace later unmaps the memory, the notifier fires...

Chromium: CVE-2026-5272 Heap buffer overflow in GPU

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the failure of the mshvmapusermemory function to unregister the MMU notifier, allowing for reuse...

PT-2026-30130

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86 pmu enable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP: x86 pe...

USN-8143-2 linux-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE

...

PT-2026-33152

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 147.0.7727.101 Description An out of bounds write in the GPU allows a remote attacker who has compromised the GPU process to potentially perform a sandbox escape via a crafted HTML page. An out of bounds write...

@dojo/cli-test-intern (>=0.1.0 <=2.0.0-beta3.1), express_mvc (>=4.1.1 <=4.3.10) +7 more potentially affected by CVE-2026-4800 via lodash-amd (>=4.16.4 <=4.17.23)

lodash-amd NPM version =4.16.4, =0.1.0, =4.1.1, =3.4.0, =0.0.1, =1.0.14, =0.0.7, =0.0.1, =0.1.5 - xirtam--matrix-operations =0.1.3 Source cves: CVE-2026-4800 Source advisory: OSV:GHSA-R5FR-RJXR-66JC...

USN-8143-1 linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - GPU drivers; - BTRFS file system; - GFS2 file system; - UDF file system; - NFC subsystem; -...

CVE-2026-23402

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...

UBUNTU-CVE-2026-23401

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Drop/zap existing present SPTE even when creating an MMIO SPTE When installing an emulated MMIO SPTE, do so after dropping/zapping the existing SPTE if it's shadow-present. While commit a54aa15c6bda3 was right about...

CVE-2026-23402 KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Only WARN in direct MMUs when overwriting shadow-present SPTE Adjust KVM's sanity check against overwriting a shadow-present SPTE with a another SPTE with a different target PFN to only apply to direct MMUs, i.e. on...

CVE-2026-23402

CVE-2026-23402 affects the Linux kernel KVM MMU on x86. The issue arises when overwriting a shadow-present SPTE with a different PFN, where KVM’s sanity check could allow harmful state changes in direct MMUs (i.e., MMUs without shadowed gPTEs). The problem is tracked in KVM’s mmu_set_spte path, a...