VIR Vulnerability Intelligence Relay

Search

Found 3,432 results in 288ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-43243 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add signal type check for dcn401 get_phyd32clk_src Trying to access link enc on a dpia link will cause a crash o…
CVE-2026-43237 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Refactor amdgpu_gem_va_ioctl for Handling Last Fence Update and Timeline Management v4 This commit simplifies the amd…
CVE-2026-43234 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV_CHANGEMTU event when unregistering slave syzbot is reporting unregister_netdevice: waiting for netdevsim0 t…
CVE-2026-43228 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: hfs: Replace BUG_ON with error handling for CNID count checks In a06ec283e125 next_id, folder_count, and file_count in the super …
CVE-2026-43220 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: iommu/amd: serialize sequence allocation under concurrent TLB invalidations With concurrent TLB invalidations, completion wait ra…
CVE-2026-43219 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: cpsw_new: Fix potential unregister of netdev that has not been registered yet If an error occurs during register_netdev() fo…
CVE-2026-43216 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skb_may_tx_timestamp() skb_may_tx_timestamp() may acquire sock::sk_callback_lock. The lock must not be take…
CVE-2026-43213 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate sequence number of TX release report Hardware rarely reports abnormal sequence number in TX release re…
CVE-2026-43204 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6asm: drop DSP responses for closed data streams 'Commit a354f030dbce ("ASoC: qcom: q6asm: handle the responses afte…
CVE-2026-43201 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: APEI/GHES: ARM processor Error: don't go past allocated memory If the BIOS generates a very small ARM Processor Error, or an inco…
CVE-2026-43199 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5e_ipsec_init_macs(…
CVE-2026-43198 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is done…
CVE-2026-43197 critical 9.1 9.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole from the console subsystem is not guaranteed to b…
CVE-2026-43195 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size mus…
CVE-2026-43191 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust PHY FSM transition to TX_EN-to-PLL_ON for TMDS on DCN35 [Why] A backport of the change made for DCN401 th…
CVE-2026-43185 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prepare_negotiation() casts an unsigned __u32 value fr…
CVE-2026-43176 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: validate release report content before using for RTL8922DE The commit 957eda596c76 ("wifi: rtw89: pci: validate…
CVE-2026-43172 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix 22000 series SMEM parsing If the firmware were to report three LMACs (which doesn't exist in hardware) then us…
CVE-2026-43165 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: hwmon: (nct7363) Fix a resource leak in nct7363_present_pwm_fanin When calling of_parse_phandle_with_args(), the caller is respon…
CVE-2026-43161 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Skip dev-iotlb flush for inaccessible PCIe device without scalable mode PCIe endpoints with ATS enabled and passed th…
CVE-2026-43153 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: remove xfs_attr_leaf_hasname The calling convention of xfs_attr_leaf_hasname() is problematic, because it returns a NULL buf…
CVE-2026-43137 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix NULL pointer dereference If there's a mismatch between the DAI links in the machine driver and the top…
CVE-2026-43131 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Fix null pointer dereference issue If SMU is disabled, during RAS initialization, there will be null pointer derefere…
CVE-2026-43129 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in ima_restore_measurement_…
CVE-2026-43127 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix circular locking dependency in run_unpack_ex Syzbot reported a circular locking dependency between wnd->rw_lock (sbi->…
CVE-2026-43126 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending ca…
CVE-2026-43125 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network mess…
CVE-2025-71294 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix NULL pointer issue buffer funcs If SDMA block not enabled, buffer_funcs will not initialize, fix the null pointer…
CVE-2025-71293 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/ras: Move ras data alloc before bad page check In the rare event if eeprom has only invalid address entries, allocatio…
CVE-2025-71290 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: misc: ti_fpc202: fix a potential memory leak in probe function Use for_each_child_of_node_scoped() to simplify the code and ensur…
CVE-2025-71289 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: handle attr_set_size() errors when truncating files If attr_set_size() fails while truncating down, the error is silent…
CVE-2025-71285 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels MHI stack offers the 'auto_queue' feature, which allows the MHI s…
CVE-2025-71273 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: Use devm_kmemdup() in rtw_set_supported_band() Simplify the code by using device managed memory allocations. This a…
CVE-2025-71272 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: most: core: fix resource leak in most_register_interface error paths The function most_register_interface() did not correctly rel…
CVE-2026-43119 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: annotate data-races around hdev->req_status __hci_cmd_sync_sk() sets hdev->req_status under hdev->req_lock: …
CVE-2026-43118 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name o…
CVE-2026-43116 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master c…
CVE-2026-43115 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: srcu: Use irq_work to start GP in tiny SRCU Tiny SRCU's srcu_gp_start_if_needed() directly calls schedule_work(), which acquires …
CVE-2026-43109 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: x86: shadow stacks: proper error handling for mmap lock 김영민 reports that shstk_pop_sigframe() doesn't check for errors from mmap_…
CVE-2026-43107 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfrm: account XFRMA_IF_ID in aevent size calculation xfrm_get_ae() allocates the reply skb with xfrm_aevent_msgsize(), then build…
CVE-2026-43101 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() We need to check __in6_dev_get() for possible NULL value…
CVE-2026-43088 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: af_key: zero aligned sockaddr tail in PF_KEY exports PF_KEY export paths use `pfkey_sockaddr_size()` when reserving sockaddr…
CVE-2026-43083 critical 9.1 9.1 FIX slesdebian debianwindows windows 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace->type.bit6 is set: if (trace->type.bit6) { ... queue = skb_g…
CVE-2026-35579 critical 9.8 9.8 windows windows coredns.io 1mo ago CoreDNS has TSIG authentication bypass on gRPC and QUIC transports
CVE-2026-33489 high 7.5 7.5 windows windows coredns.io 1mo ago CoreDNS' transfer stanza selection uses lexicographic compare (subzone ACL bypass)
CVE-2026-33190 high 7.5 7.5 windows windows coredns.io 1mo ago CoreDNS has TSIG authentication bypass on DoT, DoH, DoH3, DoQ, and gRPC
CVE-2026-32936 high 7.5 7.5 windows windows coredns.io 1mo ago CoreDNS DoH GET oversized dns= query parameter causes pre-validation CPU and memory amplification
CVE-2026-32934 high 7.5 7.5 windows windows coredns.io 1mo ago CoreDNS' DoQ worker pool does not bound stream backlog
CVE-2026-25589 high 8.8 8.8 sleswindows windows redisbloom 1mo ago RedisBloom is a probabilistic data structures module for Redis. In all versions of RedisBloom before 2.8.20, the module does not properly validate serialized values processed through the Redis RESTOR…
CVE-2026-25588 high 8.8 8.8 sleswindows windows redistimeseries 1mo ago RedisTimeSeries is a time-series module for Redis. In all versions before 1.12.14 of RedisTimeSeries, the module does not properly validate serialized values processed through the Redis RESTORE comma…
CVE-2026-25243 high 8.8 8.8 slesdebian debianwindows windows redis 1mo ago RHSA-2026:23229: redis security update (Important)
CVE-2026-23631 high 8.1 8.1 slesdebian debianwindows windows redis 1mo ago Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-aft…
CVE-2026-23479 high 8.8 8.8 slesdebian debianwindows windows redis 1mo ago Redis is an in-memory data structure store. In redis-server from 7.2.0 until 8.6.3, the unblock client flow does not handle an error return from `processCommandAndResetClient` when re-executing a blo…
CVE-2026-43073 medium 5.5 5.5 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named '__copy_user_nocache()' function This function was a masterclass in bad naming, for various his…
CVE-2026-34956 medium 5.9 5.9 FIX slesdebian debianwindows windows 1mo ago A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with a…
CVE-2026-29168 high 7.3 7.3 FIX debian debian sleswindows windows apache 1mo ago Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's  mod_md via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users a…
CVE-2026-43870 high 7.3 7.3 FIX debian debianwindows windows apache 1mo ago Apache Thrift vulnerable to Path Traversal, HTTP Request/Response Splitting, Uncontrolled Resource Consumption
CVE-2026-43868 medium 5.3 5.3 FIX debian debianwindows windows apache 1mo ago Apache Thrift has a Memory Allocation with Excessive Size Value Vulnerability
CVE-2026-43869 high 7.3 7.3 FIX debian debianwindows windows apache 1mo ago Apache Thrift has an Improper Validation of Certificate with Host Mismatch Vulnerability
CVE-2026-43964 high 7.5 7.5 FIX slesdebian debianwindows windows postfix 1mo ago Postfix before 3.8.16, 3.9 before 3.9.10, and 3.10 before 3.10.9 sometimes allows a buffer over-read and process crash via an enhanced status code that lacks text after the third number.
CVE-2026-42154 high 7.5 7.5 slesdebian debianwindows windows prometheus 1mo ago Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the remote read endpoint (/api/v1/read) does not validate the declared decoded length in a…
CVE-2026-42151 high 7.5 7.5 FIX slesdebian debianwindows windows prometheus 1mo ago Prometheus is an open-source monitoring system and time series database. Prior to versions 3.5.3 and 3.11.3, the client_secret field in the Azure AD remote write OAuth configuration (storage/remote/a…
CVE-2026-37459 high 7.5 7.5 FIX debian debian sleswindows windows 1mo ago An integer underflow in FRRouting (FRR) stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message.
CVE-2026-37458 medium 6.5 6.5 FIX debian debian sleswindows windows frrouting 1mo ago Missing input validation in the MP_REACH_NLRI component of FRRouting (FRR) stable/10.0 to stable/10.6 allows authenticated attackers to cause a Denial of Service (DoS) via supplying a crafted UPDATE …
CVE-2026-33523 medium 6.5 6.5 FIX debian debian sleswindows windows apache 1mo ago HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are rec…
CVE-2026-33007 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago A NULL pointer dereference in the mod_authn_socache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. …
CVE-2026-33006 medium 4.8 4.8 FIX debian debian sleswindows windows apache 1mo ago A timing attack against mod_auth_digest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes th…
CVE-2026-29169 high 7.5 7.5 FIX debian debian sleswindows windows apache 1mo ago A NULL pointer dereference in mod_dav_lock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.mod_dav_lock is not used internally by mod_dav o…
CVE-2026-23918 high 8.8 9.8 EXPFIX debian debian sleswindows windows apache 1mo ago Double Free and possible RCE vulnerability in Apache HTTP Server with the HTTP/2 protocol. This issue affects Apache HTTP Server: 2.4.66. Users are recommended to upgrade to version 2.4.67, which f…
CVE-2026-34032 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which f…
CVE-2026-33857 medium 5.3 5.3 FIX debian debian rhel sles apache 1mo ago Out-of-bounds Read vulnerability in mod_proxy_ajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the…
CVE-2026-34059 high 7.5 7.5 FIX debian debian rhel sles apache 1mo ago Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue.
CVE-2026-24072 high 8.8 8.8 FIX debian debian sleswindows windows apache 1mo ago An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgra…
CVE-2026-33846 high 7.5 7.5 FIX debian debian sleswindows windows 1mo ago RHSA-2026:20612: gnutls security update (Important)
CVE-2026-42258 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via unvalidated Symbol inputs
CVE-2026-42257 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via "raw" arguments to multiple commands
CVE-2026-42256 medium 6.5 6.5 slesdebian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to denial of service via high iteration count for `SCRAM-*` authentication
CVE-2026-42246 high 7.4 7.4 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to STARTTLS stripping via invalid response timing
CVE-2026-43058 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: media: vidtv: fix pass-by-value structs causing MSAN warnings vidtv_ts_null_write_into() and vidtv_ts_pcr_write_into() take their…
CVE-2026-7598 high 7.3 7.3 FIX debian debian sleswindows windows libssh2 1mo ago A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauth_password of the file src/userauth.c. Such manipulation of the argument username_len/p…
CVE-2026-37457 high 7.5 7.5 FIX debian debian sleswindows windows frrouting 1mo ago An off-by-one out-of-bounds write vulnerability in the bgp_flowspec_op_decode() function (bgpd/bgp_flowspec_util.c) of FRRouting (FRR) stable/10.0 allows attackers to cause a Denial of Service (DoS) …
CVE-2026-43053 medium 4.7 4.7 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: xfs: close crash window in attr dabtree inactivation When inactivating an inode with node-format extended attributes, xfs_attr3_n…
CVE-2026-43052 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211_tdls_oper When NL80211_TDLS_ENABLE_LINK is called, the code only checks if the stati…
CVE-2026-43049 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure Presently, if the force feedback initialisat…
CVE-2026-43048 high 8.8 8.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: HID: core: Mitigate potential OOB by removing bogus memset() The memset() in hid_report_raw_event() has the good intention of cle…
CVE-2026-43045 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mshv: Fix error handling in mshv_region_pin The current error handling has two issues: First, pin_user_pages_fast() can return a…
CVE-2026-43042 high 7.1 7.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platform_label{,s} pair The RCU-protected codepaths (mpls_forward, mpls_dump_routes) can have a…
CVE-2026-43037 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. ip4ip6_err() calls icmp_send() on a clon…
CVE-2026-43036 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: use skb_header_pointer() for TCPv4 GSO frag_off check Syzbot reported a KMSAN uninit-value warning in gso_features_check() c…
CVE-2026-43033 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption When decrypting data that is not in-place (src …
CVE-2026-43029 high 7.5 7.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcp_recvmsg() syzbot reported a soft lockup in mptcp_recvmsg() [0]. When receiving data with MSG_PEE…
CVE-2026-43022 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: hci_cmd_sync_queue_once() return -EEXIST if exists hci_cmd_sync_queue_once() needs to indicate whether a que…
CVE-2026-43021 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: fix leaks when hci_cmd_sync_queue_once fails When hci_cmd_sync_queue_once() returns with error, the destroy …
CVE-2026-43019 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fix potential UAF in set_cig_params_sync hci_conn lookup and field access must be covered by hdev lock in se…
CVE-2026-43010 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Reject sleepable kprobe_multi programs at attach time kprobe.multi programs run in atomic/RCU context and cannot sleep. Howe…
CVE-2026-43009 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: bpf: Fix incorrect pruning due to atomic fetch precision tracking When backtrack_insn encounters a BPF_STX instruction with BPF_A…
CVE-2026-31777 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Check the error for index mapping The ctxfi driver blindly assumed a proper value returned from daio_device_index(),…
CVE-2026-31771 high 8.1 8.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: move wake reason storage into validated event handlers hci_store_wake_reason() is called from hci_event_pac…
CVE-2026-31769 high 7.8 7.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: gpib: fix use-after-free in IO ioctl handlers The IBRD, IBWRT, IBCMD, and IBWAIT ioctl handlers use a gpib_descriptor pointer aft…
CVE-2026-31767 medium 5.5 5.5 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsi: Don't do DSC horizontal timing adjustments in command mode Stop adjusting the horizontal timing values based on the…