VIR Vulnerability Intelligence Relay

Search

Found 3,765 results in 366ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-7945 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 29d ago Insufficient validation of untrusted input in COOP in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HT…
CVE-2026-7944 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 29d ago Insufficient validation of untrusted input in Persistent Cache in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via …
CVE-2026-7937 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 29d ago Insufficient policy enforcement in DevTools in Google Chrome prior to 148.0.7778.96 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a c…
CVE-2026-7910 critical 9.6 9.6 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Views in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. (Chromium security…
CVE-2026-7909 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 29d ago Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML pa…
CVE-2026-7908 critical 9.6 9.6 FIX debian debian linux-kernelmacos macos google 29d ago Use after free in Fullscreen in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-5081 critical 9.1 9.1 debian debian 29d ago Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId (added in version 1.54) uses the value of the UNIQUE_…
CVE-2026-43208 critical 9.8 9.8 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: net: do not pass flow_id to set_rps_cpu() Blamed commit made the assumption that the RPS table for each receive queue would have …
CVE-2026-43198 critical 9.8 9.8 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock() is done…
CVE-2026-43197 critical 9.1 9.1 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: netconsole: avoid OOB reads, msg is not nul-terminated msg passed to netconsole from the console subsystem is not guaranteed to b…
CVE-2026-43186 critical 9.8 9.8 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ipv6: ioam: fix heap buffer overflow in __ioam6_fill_trace_data() On the receive path, __ioam6_fill_trace_data() uses trace->node…
CVE-2026-43185 critical 9.8 9.8 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix signededness bug in smb_direct_prepare_negotiation() smb_direct_prepare_negotiation() casts an unsigned __u32 value fr…
CVE-2026-43125 critical 9.8 9.8 FIX slesdebian debian linux-kernel 29d ago In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in dlm_dump_rsb_name() is not validated and comes from network mess…
CVE-2026-43117 critical 9.1 9.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: btrfs: tracepoints: get correct superblock from dentry in event btrfs_sync_file() If overlay is used on top of btrfs, dentry->d_s…
CVE-2026-43114 critical 9.4 9.4 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching fun…
CVE-2026-43083 critical 9.1 9.1 FIX slesdebian debianwindows windows 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ioam6: fix OOB and missing lock When trace->type.bit6 is set: if (trace->type.bit6) { ... queue = skb_g…
CVE-2026-44405 low 3.4 3.4 slesdebian debian 1mo ago Paramiko rsakey.py allows the SHA-1 algorithm
CVE-2026-28780 critical 9.8 9.8 FIX debian debian rhel sles apache 1mo ago Important: httpd security update
CVE-2026-43071 critical 9.1 9.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentry_hashtable when user sets 'dhash_entries=…
CVE-2026-43067 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: handle wraparound when searching for blocks for indirect mapped blocks Commit 4865c768b563 ("ext4: always allocate blocks o…
CVE-2026-42027 critical 9.8 9.8 FIX debian debian apache 1mo ago Arbitrary Class Instantiation via Model Manifest in Apache OpenNLP ExtensionLoader Versions Affected: before 2.5.9, before 3.0.0-M3 Description:  The ExtensionLoader.instantiateExtension(C…
CVE-2026-40682 critical 9.1 9.1 FIX debian debian apache 1mo ago XML External Entity (XXE) via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor …
CVE-2025-70067 critical 9.8 9.8 debian debian sles 1mo ago Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file…
CVE-2026-43864 low 2.5 2.5 slesdebian debian 1mo ago mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.
CVE-2026-43863 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.
CVE-2026-43862 low 3.7 3.7 slesdebian debian 1mo ago In mutt before 2.3.2, the imap_auth_gss security level is mishandled.
CVE-2026-43861 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 does not check for '\0' in url_pct_decode.
CVE-2026-43860 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest.
CVE-2026-43859 low 3.7 3.7 slesdebian debian 1mo ago mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest.
CVE-2026-42258 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via unvalidated Symbol inputs
CVE-2026-42257 critical 9.8 9.8 debian debianwindows windows ruby-lang 1mo ago net-imap vulnerable to command Injection via "raw" arguments to multiple commands
CVE-2026-31402 critical 9.8 9.8 FIX rhel sles rocky 1mo ago Important: kernel security update
CVE-2026-43039 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix missing data copy and wrong recycle in ZC RX dispatch emac_dispatch_skb_zc() allocates a new skb via n…
CVE-2026-43038 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko AI-review observed: In ip6_err_gen_icmpv6_unreach(), the …
CVE-2026-43037 critical 9.8 9.8 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the following problem. ip4ip6_err() calls icmp_send() on a clon…
CVE-2026-43011 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix potential double free of skb When alloc_skb fails in x25_queue_rx_frame it calls kfree_skb(skb) at line 48 and retur…
CVE-2026-42484 critical 9.8 9.8 debian debian hashcat 1mo ago A heap-based buffer overflow in hex_to_binary in the PKZIP hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted PKZIP hash fi…
CVE-2026-42483 critical 9.8 9.8 debian debian hashcat 1mo ago A heap-based buffer overflow in the Kerberos hash parser in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code via a crafted Kerberos hash file. The iss…
CVE-2026-42482 critical 9.8 9.8 debian debian sles hashcat 1mo ago A stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c in hashcat v7.1.2 allows an attacker to cause a denial of service or possibly execute arbitrary code v…
CVE-2026-31718 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger When a durable file handle survives session disconnect (TCP…
CVE-2026-31705 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds write in smb2_get_ea() EA alignment smb2_get_ea() applies 4-byte alignment padding via memset() after wr…
CVE-2026-40687 critical 9.1 9.1 FIX debian debian exim 1mo ago In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data process…
CVE-2026-40685 critical 9.8 9.8 FIX debian debian exim 1mo ago In Exim before 4.99.2, when JSON lookup is enabled, an out-of-bounds heap write can occur when a JSON operator encounters malformed JSON in an untrusted header, because of an incorrect implementation…
CVE-2026-3832 low 3.7 3.7 FIX debian debian rhel gnuredhat 1mo ago A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a lo…
CVE-2026-7381 critical 9.1 9.1 debian debian miyagawa 1mo ago Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the c…
CVE-2026-22741 low 3.1 3.1 debian debian vmware 1mo ago Spring MVC and WebFlux applications are vulnerable to cache poisoning when resolving static resources.
CVE-2026-7360 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Insufficient validation of untrusted input. in Compositing in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a c…
CVE-2026-7351 low 3.1 3.1 FIX debian debian linux-kernelmacos macos google 1mo ago Race in MHTML in Google Chrome prior to 147.0.7727.138 allowed an attacker who convinced a user to install a malicious extension to leak cross-origin data via a crafted Chrome Extension. (Chromium se…
CVE-2026-7333 critical 9.6 9.6 FIX debian debian linux-kernelmacos macos google 1mo ago Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2026-41409 critical 9.8 9.8 FIX debian debian apache 1mo ago Apache MINA Vulnerable to Deserialization of Untrusted Data (CVE-2024-52046 Incomplete Fix)
CVE-2026-41635 critical 9.8 9.8 debian debian apache 1mo ago Apache MINA vulnerable to Deserialization of Untrusted Data
CVE-2026-4800 critical 9.8 9.8 FIX rheldebian debian rocky lodash 1mo ago Important: pcs security update
CVE-2026-6986 low 3.7 3.7 FIX debian debian cesanta 1mo ago A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Han…
CVE-2026-31685 critical 9.4 9.4 FIX sles rheldebian debian 1mo ago In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets `eui64_mt6()` derives a modified EUI-64 from the Ethernet source…
CVE-2026-31682 critical 9.1 9.1 FIX slesdebian debian linux-kernel google 1mo ago In the Linux kernel, the following vulnerability has been resolved: bridge: br_nd_send: linearize skb before parsing ND options br_nd_send() parses neighbour discovery options from ns->opt[] and as…
CVE-2026-41415 critical 9.1 9.1 debian debian teluu 1mo ago PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, there is an out-of-bounds read when parsing a malformed Content-ID URI in SIP multipart message bod…
CVE-2026-42044 critical 9.1 9.1 FIX debian debian axios 1mo ago Axios: Invisible JSON Response Tampering via Prototype Pollution Gadget in `parseReviver`
CVE-2026-42043 critical 10.0 10.0 FIX debian debian sles axios 1mo ago Axios: Incomplete Fix for CVE-2025-62718 — NO_PROXY Protection Bypassed via RFC 1122 Loopback Subnet (127.0.0.0/8) in Axios 1.15.0
CVE-2026-42040 low 3.7 3.7 FIX debian debian axios 1mo ago Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams
CVE-2026-41898 critical 9.8 9.8 FIX debian debian rust-openssl_project 1mo ago rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::set_psk_client_callback, set_psk_server_callbac…
CVE-2026-41681 critical 9.8 9.8 FIX debian debian rust-openssl_project 1mo ago rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.10.39 to before 0.10.78, EVP_DigestFinal() always writes EVP_MD_CTX_size(ctx) to the out buffer. If out is smaller th…
CVE-2026-41678 critical 9.8 9.8 FIX debian debian rust-openssl_project 1mo ago rust-openssl provides OpenSSL bindings for the Rust programming language. From to before 0.10.78, aes::unwrap_key() contains an incorrect assertion: it checks that out.len() + 8 <= in_.len(), but t…
CVE-2026-41677 critical 9.1 9.1 FIX debian debian rust-openssl_project 1mo ago rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.0 to before 0.10.78, the *_from_pem_callback APIs did not validate the length returned by the user's callback. A pa…
CVE-2026-41676 critical 9.8 9.8 FIX debian debian rust-openssl_project 1mo ago rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive (and PkeyCtxRef::derive) sets len = buf.len() and passes it as the in/out len…
CVE-2026-31669 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash table lookups are lockless and rely on SLAB_TYPESAFE_BY_RCU…
CVE-2026-31668 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel The seg6 lwtunnel uses a single dst_cache per encap route, s…
CVE-2026-31659 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject oversized global TT response buffers batadv_tt_prepare_tvlv_global_data() builds the allocation length for a g…
CVE-2026-31657 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: batman-adv: hold claim backbone gateways by reference batadv_bla_add_claim() can replace claim->backbone_gw and drop the old gate…
CVE-2026-31649 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix integer underflow in chain mode The jumbo_frm() chain-mode implementation unconditionally computes len = no…
CVE-2026-31637 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the …
CVE-2026-31636 critical 9.1 9.1 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk_verify_authenticator() copies auth_len bytes into a temporary buffer and t…
CVE-2026-31633 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's a potential integer overflow due to roun…
CVE-2026-31609 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: client: avoid double-free in smbd_free_send_io() after smbd_send_batch_flush() smbd_send_batch_flush() already calls smbd_fr…
CVE-2026-31608 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: server: avoid double-free in smb_direct_free_sendmsg after smb_direct_flush_send_list() smb_direct_flush_send_list() already…
CVE-2026-31589 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: mm: call ->free_folio() directly in folio_unmap_invalidate() We can only call filemap_free_folio() if we have a reference to (or …
CVE-2026-31536 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: smb: server: let send_done handle a completion without IB_SEND_SIGNALED With smbdirect_send_batch processing we likely have reque…
CVE-2026-6920 critical 9.6 9.6 FIX debian debian linux-kernel google 1mo ago Out of bounds read in GPU in Google Chrome on Android prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted …
CVE-2026-6919 critical 9.6 9.6 FIX debian debian linux-kernel google 1mo ago Use after free in DevTools in Google Chrome prior to 147.0.7727.117 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.…
CVE-2026-31533 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net/tls: fix use-after-free in -EBUSY error path of tls_do_encryption The -EBUSY handling in tls_do_encryption(), introduced by c…
CVE-2026-41196 critical 10.0 10.0 FIX debian debian minetest 1mo ago Luanti (formerly Minetest) is an open source voxel game-creation platform. Starting in version 5.0.0 and prior to version 5.15.2, a malicious mod can trivially escape the sandboxed Lua environment to…
CVE-2026-41179 critical 9.8 9.8 debian debian rclone 1mo ago RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution
CVE-2026-35381 low 2.5 FIX debian debian 1mo ago A logic error in the cut utility of uutils coreutils causes the utility to ignore the -s (only-delimited) flag when using the -z (null-terminated) and -d '' (empty delimiter) options together. The im…
CVE-2026-35377 low 2.5 debian debian 1mo ago uutils coreutils has an Improper Input Validation Issue in its env Utility
CVE-2026-35367 low 2.5 FIX debian debian 1mo ago uutils coreutils has an Incorrect Permission Assignment for Critical Resource
CVE-2026-35362 low 2.5 FIX debian debian 1mo ago The safe_traversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use (TOCTOU) symlink races using file-descriptor-relative syscalls, is incorrectly limited to…
CVE-2026-35361 low 2.5 FIX debian debian 1mo ago The mknod utility in uutils coreutils fails to handle security labels atomically by creating device nodes before setting the SELinux context. If labeling fails, the utility attempts cleanup using std…
CVE-2026-35353 low 2.5 FIX debian debian 1mo ago The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory with umask-derived permissions (typically 0755) before subsequently changing them …
CVE-2026-35346 low 2.5 FIX debian debian 1mo ago The comm utility in uutils coreutils silently corrupts data by performing lossy UTF-8 conversion on all output lines. The implementation uses String::from_utf8_lossy(), which replaces invalid UTF-8 b…
CVE-2026-35379 low 3.3 3.3 FIX debian debian uutils 1mo ago A logic error in the tr utility of uutils coreutils causes the program to incorrectly define the [:graph:] and [:print:] character classes. The implementation mistakenly includes the ASCII space char…
CVE-2026-35378 low 3.3 3.3 FIX debian debian uutils 1mo ago A logic error in the expr utility of uutils coreutils causes the program to evaluate parenthesized subexpressions during the parsing phase rather than at the execution phase. This implementation flaw…
CVE-2026-35375 low 3.3 3.3 FIX debian debian uutils 1mo ago A logic error in the split utility of uutils coreutils causes the corruption of output filenames when provided with non-UTF-8 prefix or suffix inputs. The implementation utilizes to_string_lossy() wh…
CVE-2026-35371 low 3.3 3.3 debian debian uutils 1mo ago uutils coreutils's User Interface (UI) Misrepresents Critical Information
CVE-2026-35344 low 3.3 3.3 debian debian uutils 1mo ago uutils coreutils has an Unchecked Return Value Issue
CVE-2026-35343 low 3.3 3.3 FIX debian debian uutils 1mo ago The cut utility in uutils coreutils incorrectly handles the -s (only-delimited) option when a newline character is specified as the delimiter. The implementation fails to verify the only_delimited fl…
CVE-2026-35342 low 3.3 3.3 FIX debian debian uutils 1mo ago The mktemp utility in uutils coreutils fails to properly handle an empty TMPDIR environment variable. Unlike GNU mktemp, which falls back to /tmp when TMPDIR is an empty string, the uutils implementa…
CVE-2026-41176 critical 9.5 debian debian 1mo ago Rclone: Unauthenticated options/set allows runtime auth bypass, leading to sensitive operations and command execution
CVE-2026-31501 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: fix use-after-free of CPPI descriptor in RX path cppi5_hdesc_get_psdata() returns a pointer into the CPPI …
CVE-2026-31478 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() After this commit (e2b76ab8b5c9 "ksmbd: add supp…
CVE-2026-31463 critical 9.8 9.8 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: iomap: fix invalid folio access when i_blkbits differs from I/O granularity Commit aa35dd5cbc06 ("iomap: fix invalid folio access…
CVE-2026-31448 critical 9.4 9.4 FIX slesdebian debian linux-kernel 1mo ago In the Linux kernel, the following vulnerability has been resolved: ext4: avoid infinite loops caused by residual data On the mkdir/mknod path, when mapping logical blocks to physical blocks, if in…