SUSE CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

SUSE CVE-2026-46304

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid recursive nvmet-wq flush in nvmetctrlfree nvmettcpreleasequeuework runs on nvmet-wq and can drop the final controller reference through nvmetcqput. If that triggers nvmetctrlfree, the teardown path flushes...

CVE-2026-46274

A flaw was found in the Linux kernel's input/output work queue io-wq component. This vulnerability occurs because the system incorrectly handles work queue entries, leading to a stale pointer. A local attacker could exploit this issue by manipulating work queue operations. Successful exploitation...

UBUNTU-CVE-2026-46275

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciuart: fix UAFs and race conditions in close and init paths Vulnerabilities leading to Use-After-Free UAF and Null Pointer Dereference NPD conditions were observed in the lifecycle management of hciuart. The primary...

CVE-2026-46304

MODE C: The CVE-2026-46304 entry centers on the Linux kernel nvmet subsystem. The vulnerability stems from nvmet_tcp_release_queue_work() running on the nvmet-wq and possibly dropping the final controller reference through nvmet_cq_put(), which can trigger nvmet_ctrl_free() and flush ctrl->asy...

CVE-2026-46274

In the Linux kernel, the following vulnerability has been resolved: io-wq: check that the predecessor is hashed in iowqremovepending iowqremovepending needs to fix up wq-hashtail if the cancelled work was the tail of its hash bucket. When doing this, it checks whether the preceding entry in...

PT-2026-47326

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.12-1.1 Description A flaw exists in the io wq remove pending function where it fails to verify if a predecessor entry is hashed when updating the wq-hash tail array. When a hashed bucket-0 work item is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the recursive flushing of the work queue in the nvmetctrlfree function within the nvmet module...

CVE-2026-46824

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

Oracle E-Business Suite (May 2026 CSPU)

The versions of Oracle E-Business Suite installed on the remote host are affected by multiple vulnerabilities as referenced in the May 2026 CSPU advisory. - Vulnerability in the Oracle iAssets product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected...

CVE-2026-46265

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix WQMEMRECLAIM warning When sunrpc is used, if a reset triggered, our wq may lead the following trace: workqueue: WQMEMRECLAIM xprtiod:xprtrdmaconnectworker rpcrdma is flushing !WQMEMRECLAIM...

CVE-2026-46265

The CVE-2026-46265 issue affects the Linux kernel RDMA/hns path. When sunrpc is in use and a reset occurs, QP destruction may lead to a WQ_MEM_RECLAIM dependency warning during workqueue flushing, risking kernel instability. The fixed code fixes the WQ_MEM_RECLAIM handling in the RDMA/hns path (Q...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper dependency checks in the work queue WQMEMRECLAIM, potentially leading to warnings...

CVE-2026-46824

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

CVE-2026-46824

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

EUVD-2026-33047

Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite component: Work Provider Site Level Administration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

CVE-2026-46126

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

UBUNTU-CVE-2026-46126

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

CVE-2026-46202

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: run inactivity autodim from workqueues The autodim code in hid-appletb-kbd takes backlightdevice-opslock via backlightdevicesetbrightness - mutexlock from two different atomic contexts: appletbinactivitytimer is...

CVE-2026-46126 RDMA/mana: Fix mana_destroy_wq_obj() cleanup in mana_ib_create_qp_rss()

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...