72 matches found
UBUNTU-CVE-2026-46290
In the Linux kernel, the following vulnerability has been resolved: x86/efi: Fix graceful fault handling after FPU softirq changes Since commit d02198550423 "x86/fpu: Improve crypto performance by making kernel-mode FPU reliably usable in softirqs", kernelfpubegin calls fpregslock which uses...
CVE-2026-25781
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...
CVE-2026-46032
A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM nSVM module. When a nested virtual machine exit VMEXIT occurs, if the restoration of the host's Control Register 3 CR3 fails, the system continues to operate with a corrupted state. This can lead to an unrecoverable error,...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fixed the issue where unrecoverable MCE calls the async handler from NMI. The machine check handler is not considered NMI on 64s. The earlier handler is the actual NMI handler; it schedules the machinecheckexception...
CVE-2025-15645
Ledger Nano X, Flex, and Stax devices contain a denial of service vulnerability in the MCU firmware update process due to missing validation of the resethandler parameter during firmware flashing. An attacker can provide a crafted resethandler address pointing to invalid memory or...
CVE-2026-25781
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...
PT-2026-42020
Name of the Vulnerable Software and Affected Versions Ledger Nano X affected versions not specified Ledger Flex affected versions not specified Ledger Stax affected versions not specified Description A denial of service issue exists in the MCU firmware update process. The flaw is caused by missin...
PT-2026-41816
in OpenHarmony v6.0 and prior versions allow a local attacker cause DOS and it cannot be recovered...
kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
CVE-2026-29643
XiangShan Open-source high-performance RISC-V processor commit edb1dfaf7d290ae99724594507dc46c2c2125384 2024-11-28 contains an improper exceptional-condition handling flaw in its CSR subsystem NewCSR. On affected versions, certain sequences of CSR operations targeting non-existent/custom CSR...
CVE-2026-35406
Aardvark-dns is an authoritative dns server for A/AAAA container records. From 1.16.0 to 1.17.0, a truncated TCP DNS query followed by a connection reset causes aardvark-dns to enter an unrecoverable infinite error loop at 100% CPU. This vulnerability is fixed in 1.17.1...
kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
kernel: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the reset thread resets them, the task management thread accesses an invalid queue ID 0xFFFF, s...
Rockwell Automation CompactLogix 5370 Denial of Service Vulnerability
Rockwell Automation CompactLogix 5370 is a programmable logic controller from Rockwell Automation. The Rockwell Automation CompactLogix 5370 suffers from a denial of service vulnerability that originates from sending a malformed CIP forward open message, which can be exploited by an attacker to...
CVE-2025-59895
Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...
CVE-2025-59466
We have identified a bug in Node.js error handling where "Maximum call stack size exceeded" errors become uncatchable when asynchooks.createHook is enabled. Instead of reaching process.on'uncaughtException', the process terminates, making the crash unrecoverable. Applications that rely on...
Rockwell Automation多款产品 安全漏洞
The Rockwell Automation Micro820, among others, is a programmable controller from Rockwell Automation. A security vulnerability exists in several Rockwell Automation products that stems from improper handling of malformed CIP packets, which could cause the controller to enter an unrecoverable fau...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from allowing dirty page tracking when the IOMMU is in non-consistent mode, which could lead to unrecoverable...
Rockwell Automation Compact GuardLogix 5370 Denial of Service Vulnerability
Rockwell Automation Compact GuardLogix 5370 is a safety programmable logic controller from Rockwell Automation. The Rockwell Automation Compact GuardLogix 5370 suffers from a denial of service vulnerability that originates from a failure when sending a specially crafted CIP unconnected explicit...