MSRC Reports

CVE-2026-3338 PKCS7_verify Signature Validation Bypass in AWS-LC

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3338

12 views09:09

MSRC Reports

CVE-2026-23231 netfilter: nf_tables: fix use-after-free in nf_tables_addchain()

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23231

13 views09:09

MSRC Reports

CVE-2025-71238 scsi: qla2xxx: Fix bsg_done() causing double free

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-71238

12 views09:09

MSRC Reports

CVE-2026-23236 fbdev: smscufx: properly copy ioctl memory to kernelspace

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23236

12 views09:09

MSRC Reports

CVE-2026-23865 An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23865

11 views09:09

MSRC Reports

CVE-2026-0038 In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-0038

10 views09:09

MSRC Reports

CVE-2026-3336 PKCS7_verify Certificate Chain Validation Bypass in AWS-LC

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3336

11 views09:09

MSRC Reports

CVE-2026-23238 romfs: check sb_set_blocksize() return value

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23238

11 views09:09

MSRC Reports

CVE-2026-23237 platform/x86: classmate-laptop: Add missing NULL pointer checks

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23237

10 views09:09

MSRC Reports

CVE-2026-23235 f2fs: fix out-of-bounds access in sysfs attribute read/write

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23235

10 views09:09

MSRC Reports

CVE-2026-23234 f2fs: fix to avoid UAF in f2fs_write_end_io()

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23234

10 views09:09

MSRC Reports

CVE-2025-37745 PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-37745

11 views09:09

MSRC Reports

CVE-2024-57875 block: RCU protect disk->conv_zones_bitmap

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-57875

11 views10:09

MSRC Reports

CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-42317

10 views11:09

MSRC Reports

CVE-2025-21985 drm/amd/display: Fix out-of-bound accesses

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21985

11 views11:09

MSRC Reports

CVE-2024-46754 bpf: Remove tst_run from lwt_seg6local_prog_ops.

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-46754

11 views12:09

MSRC Reports

CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4543

12 views12:09

MSRC Reports

CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38656

12 views12:09

MSRC Reports

CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-8732

13 views12:09

MSRC Reports

CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-53219

14 views12:09

MSRC Reports

CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine.

Information published.

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24821

13 views13:09

About

Blog

Apps

Platform