Aggregator

USN-8426-1: Linux kernel (Azure) vulnerabilities

12 hours 25 minutes ago
It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431)

It was discovered that the Linux kernel did not properly handle shared page fragments during socket buffer operations, collectively known as Dirty Frag. A logic flaw existed in the XFRM ESP-in-TCP subsystem and in the RxRPC networking subsystem when processing paged fragments. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43284, CVE-2026-43500)

It was discovered that a logic flaw existed in the XFRM ESP-in-TCP subsystem in the Linux kernel when handling socket buffer fragments. This flaw is known as Fragnesia. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-43503, CVE-2026-46300)

Qualys discovered that a race condition existed in the ptrace subsystem of the Linux kernel when privileged processes are exiting. An unprivileged local attacker could use this issue to expose sensitive information. (CVE-2026-46333)

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems:
  • Cryptographic API
  • Ethernet bonding driver
  • SMB network file system
  • Netfilter
  • io_uring subsystem
  • Packet sockets
  • RDS protocol
  • TLS protocol
(CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078, CVE-2026-43494, CVE-2026-46028)

atril-1.26.4-1.el8

14 hours 16 minutes ago
FEDORA-EPEL-2026-c0bb6674c7 Packages in this update:
  • atril-1.26.4-1.el8
Update description: atril 1.26.4
  • epub: use g_strndup for parsing document path
  • epub: validate epub content before parsing
atril 1.26.3
  • epub: Avoid crash when index list has extraneous entry
  • fix an incompatible pointer type warning for gcc14
  • Fix build with libxml2 2.12
  • fix memleak
  • pdf: Always use poppler_document_save to avoid data loss
  • ev-application: Quote user-supplied strings in ev_spawn command line

atril-1.26.4-1.el9

14 hours 16 minutes ago
FEDORA-EPEL-2026-abc540be8b Packages in this update:
  • atril-1.26.4-1.el9
Update description: atril 1.26.4
  • epub: use g_strndup for parsing document path
  • epub: validate epub content before parsing
atril 1.26.3
  • epub: Avoid crash when index list has extraneous entry
  • fix an incompatible pointer type warning for gcc14
  • Fix build with libxml2 2.12
  • fix memleak
  • pdf: Always use poppler_document_save to avoid data loss
  • ev-application: Quote user-supplied strings in ev_spawn command line

USN-8423-1: lwIP vulnerabilities

15 hours 28 minutes ago
It was discovered that lwIP contained a buffer overflow in the EAP authentication handling code. An attacker could possibly use this issue to trigger a buffer overflow, resulting in arbitrary code execution or a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-8597)

It was discovered that lwIP incorrectly handled certain ICMPv6 or 6LoWPAN packets. An attacker could possibly use this issue to trigger a buffer overflow, resulting in information disclosure. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-22283, CVE-2020-22284)

It was discovered that lwIP did not properly validate certain SNMPv3 authentication parameters. An attacker could possibly use this issue to trigger a stack-based buffer overflow, resulting in arbitrary code execution or a denial of service. (CVE-2026-8836)

chromium-149.0.7827.102-1.fc44

19 hours 32 minutes ago
FEDORA-2026-2debc85b3c Packages in this update:
  • chromium-149.0.7827.102-1.fc44
Update description:

Update to 149.0.7827.102

  • CVE-2026-11628: Use after free in Ozone
  • CVE-2026-11629: Use after free in Ozone
  • CVE-2026-11630: Use after free in File Input
  • CVE-2026-11631: Use after free in Aura
  • CVE-2026-11632: Use after free in TabStrip
  • CVE-2026-11633: Use after free in Bluetooth
  • CVE-2026-11634: Use after free in Gamepad
  • CVE-2026-11635: Use after free in Bluetooth
  • CVE-2026-11636: Use after free in Autofill
  • CVE-2026-11637: Use after free in Views
  • CVE-2026-11638: Use after free in Printing
  • CVE-2026-11639: Use after free in Compositing
  • CVE-2026-11640: Integer overflow in libyuv
  • CVE-2026-11641: Use after free in Bluetooth
  • CVE-2026-11642: Use after free in Web Apps
  • CVE-2026-11643: Use after free in Proxy
  • CVE-2026-11644: Use after free in Views
  • CVE-2026-11645: Out of bounds memory access in V8
  • CVE-2026-11646: Use after free in ViewTransitions
  • CVE-2026-11647: Use after free in Printing
  • CVE-2026-11648: Use after free in FullScreen
  • CVE-2026-11649: Use after free in V8
  • CVE-2026-11650: Use after free in V8
  • CVE-2026-11651: Use after free in Network
  • CVE-2026-11652: Use after free in Extensions
  • CVE-2026-11653: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11654: Use after free in CameraCapture
  • CVE-2026-11655: Integer overflow in Media
  • CVE-2026-11656: Use after free in ServiceWorker
  • CVE-2026-11657: Use after free in Payments
  • CVE-2026-11658: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11659: Insufficient validation of untrusted input in UI
  • CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11661: Use after free in Views
  • CVE-2026-11662: Type Confusion in Bindings
  • CVE-2026-11663: Use after free in Skia
  • CVE-2026-11664: Use after free in Payments
  • CVE-2026-11665: Out of bounds read in Dawn
  • CVE-2026-11666: Insufficient validation of untrusted input in Input
  • CVE-2026-11667: Out of bounds read in WebRTC
  • CVE-2026-11668: Uninitialized Use in Codecs
  • CVE-2026-11669: Integer overflow in Media
  • CVE-2026-11670: Use after free in PDF
  • CVE-2026-11671: Use after free in Navigation
  • CVE-2026-11672: Out of bounds write in GPU
  • CVE-2026-11673: Use after free in InterestGroups
  • CVE-2026-11674: Use after free in Guest View
  • CVE-2026-11675: Insufficient validation of untrusted input in Skia
  • CVE-2026-11676: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11677: Race in Network
  • CVE-2026-11678: Integer overflow in libyuv
  • CVE-2026-11679: Use after free in Codecs
  • CVE-2026-11680: Use after free in Media
  • CVE-2026-11681: Use after free in Ozone
  • CVE-2026-11682: Insufficient validation of untrusted input in Views
  • CVE-2026-11683: Use after free in WebCodecs
  • CVE-2026-11684: Insufficient policy enforcement in Network
  • CVE-2026-11685: Insufficient data validation in MediaCapture
  • CVE-2026-11686: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11687: Use after free in Dawn
  • CVE-2026-11688: Object lifecycle issue in SVG
  • CVE-2026-11689: Insufficient validation of untrusted input in Passwords
  • CVE-2026-11690: Out of bounds read and write in Media
  • CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11692: Use after free in Read Anything
  • CVE-2026-11693: Inappropriate implementation in Plugins
  • CVE-2026-11694: Use after free in ServiceWorker
  • CVE-2026-11695: Inappropriate implementation in Passwords
  • CVE-2026-11696: Uninitialized Use in Video
  • CVE-2026-11697: Insufficient validation of untrusted input in UI
  • CVE-2026-11698: Use after free in Bluetooth
  • CVE-2026-11699: Use after free in Bluetooth
  • CVE-2026-11700: Use after free in Tracing
  • CVE-2026-11701: Insufficient validation of untrusted input in Guest View

chromium-149.0.7827.102-1.fc43

19 hours 32 minutes ago
FEDORA-2026-c5c0986fb6 Packages in this update:
  • chromium-149.0.7827.102-1.fc43
Update description:

Update to 149.0.7827.102

  • CVE-2026-11628: Use after free in Ozone
  • CVE-2026-11629: Use after free in Ozone
  • CVE-2026-11630: Use after free in File Input
  • CVE-2026-11631: Use after free in Aura
  • CVE-2026-11632: Use after free in TabStrip
  • CVE-2026-11633: Use after free in Bluetooth
  • CVE-2026-11634: Use after free in Gamepad
  • CVE-2026-11635: Use after free in Bluetooth
  • CVE-2026-11636: Use after free in Autofill
  • CVE-2026-11637: Use after free in Views
  • CVE-2026-11638: Use after free in Printing
  • CVE-2026-11639: Use after free in Compositing
  • CVE-2026-11640: Integer overflow in libyuv
  • CVE-2026-11641: Use after free in Bluetooth
  • CVE-2026-11642: Use after free in Web Apps
  • CVE-2026-11643: Use after free in Proxy
  • CVE-2026-11644: Use after free in Views
  • CVE-2026-11645: Out of bounds memory access in V8
  • CVE-2026-11646: Use after free in ViewTransitions
  • CVE-2026-11647: Use after free in Printing
  • CVE-2026-11648: Use after free in FullScreen
  • CVE-2026-11649: Use after free in V8
  • CVE-2026-11650: Use after free in V8
  • CVE-2026-11651: Use after free in Network
  • CVE-2026-11652: Use after free in Extensions
  • CVE-2026-11653: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11654: Use after free in CameraCapture
  • CVE-2026-11655: Integer overflow in Media
  • CVE-2026-11656: Use after free in ServiceWorker
  • CVE-2026-11657: Use after free in Payments
  • CVE-2026-11658: Insufficient validation of untrusted input in Extensions
  • CVE-2026-11659: Insufficient validation of untrusted input in UI
  • CVE-2026-11660: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11661: Use after free in Views
  • CVE-2026-11662: Type Confusion in Bindings
  • CVE-2026-11663: Use after free in Skia
  • CVE-2026-11664: Use after free in Payments
  • CVE-2026-11665: Out of bounds read in Dawn
  • CVE-2026-11666: Insufficient validation of untrusted input in Input
  • CVE-2026-11667: Out of bounds read in WebRTC
  • CVE-2026-11668: Uninitialized Use in Codecs
  • CVE-2026-11669: Integer overflow in Media
  • CVE-2026-11670: Use after free in PDF
  • CVE-2026-11671: Use after free in Navigation
  • CVE-2026-11672: Out of bounds write in GPU
  • CVE-2026-11673: Use after free in InterestGroups
  • CVE-2026-11674: Use after free in Guest View
  • CVE-2026-11675: Insufficient validation of untrusted input in Skia
  • CVE-2026-11676: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11677: Race in Network
  • CVE-2026-11678: Integer overflow in libyuv
  • CVE-2026-11679: Use after free in Codecs
  • CVE-2026-11680: Use after free in Media
  • CVE-2026-11681: Use after free in Ozone
  • CVE-2026-11682: Insufficient validation of untrusted input in Views
  • CVE-2026-11683: Use after free in WebCodecs
  • CVE-2026-11684: Insufficient policy enforcement in Network
  • CVE-2026-11685: Insufficient data validation in MediaCapture
  • CVE-2026-11686: Insufficient validation of untrusted input in Dawn
  • CVE-2026-11687: Use after free in Dawn
  • CVE-2026-11688: Object lifecycle issue in SVG
  • CVE-2026-11689: Insufficient validation of untrusted input in Passwords
  • CVE-2026-11690: Out of bounds read and write in Media
  • CVE-2026-11691: Insufficient validation of untrusted input in New Tab Page
  • CVE-2026-11692: Use after free in Read Anything
  • CVE-2026-11693: Inappropriate implementation in Plugins
  • CVE-2026-11694: Use after free in ServiceWorker
  • CVE-2026-11695: Inappropriate implementation in Passwords
  • CVE-2026-11696: Uninitialized Use in Video
  • CVE-2026-11697: Insufficient validation of untrusted input in UI
  • CVE-2026-11698: Use after free in Bluetooth
  • CVE-2026-11699: Use after free in Bluetooth
  • CVE-2026-11700: Use after free in Tracing
  • CVE-2026-11701: Insufficient validation of untrusted input in Guest View

Update to 149.0.7827.53

  • fix 429 CVEs (CVE-2026-10881 through CVE-2026-11309)