CVE-2024-42317 mm/huge_memory: avoid PMD-size page cache if needed
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-42317
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-42317
CVE-2025-21985 drm/amd/display: Fix out-of-bound accesses
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21985
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-21985
CVE-2024-46754 bpf: Remove tst_run from lwt_seg6local_prog_ops.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-46754
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-46754
CVE-2022-4543 A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4543
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-4543
CVE-2025-38656 wifi: iwlwifi: Fix error code in iwl_op_mode_dvm_start()
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38656
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-38656
CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-8732
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-8732
CVE-2024-53219 virtiofs: use pages instead of pointer for kernel direct IO
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-53219
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-53219
CVE-2026-24821 A heap-based buffer over-read that might affect a system that compiles untrusted Lua code in turanszkij/WickedEngine.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24821
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-24821
CVE-2025-68121 Unexpected session resumption in crypto/tls
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68121
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68121
CVE-2026-27141 Sending certain HTTP/2 frames can cause a server to panic in golang.org/x/net
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27141
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-27141
CVE-2026-26122 Microsoft ACI Confidential Containers Information Disclosure Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26122
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26122
CVE-2026-26125 Payment Orchestrator Service Elevation of Privilege Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26125
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26125
CVE-2026-26124 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26124
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26124
CVE-2026-21536 Microsoft Devices Pricing Program Remote Code Execution Vulnerability
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21536
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21536
CVE-2026-23651 Microsoft ACI Confidential Containers Elevation of Privilege Vulnerability
Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23651
Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-23651
CVE-2025-68146 filelock has TOCTOU race condition that allows symlink attacks during lock file creation
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68146
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-68146
CVE-2026-22701 filelock Time-of-Check-Time-of-Use (TOCTOU) Symlink Vulnerability in SoftFileLock
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22701
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-22701
CVE-2026-28364 In OCaml before 4.14.3 and 5.x before 5.4.1, a buffer over-read in Marshal deserialization (runtime/intern.c) enables remote code execution through a multi-phase attack chain. The vulnerability stems from missing bounds validation in the readblock() function, which performs unbounded memcpy() operations using attacker-controlled lengths from crafted Marshal data.
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28364
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-28364
CVE-2026-3494 MariaDB Server Audit Plugin Comment Handling Bypass
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-3494
CVE-2025-14524 bearer token leak on cross-protocol redirect
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-14524
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-14524
CVE-2025-10966 missing SFTP host verification with wolfSSH
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10966
Information published.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-10966