| CVE |
CVE-2026-43284 |
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can atta |
linux linux linux linux linux linux-nvidia-tegra linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-gcp linux-gke linux-riscv linux-riscv linux-riscv-6.17 linux-hwe-6.17 linux-hwe-6.8 linux-azure-fde linux-lowlatency-hwe-6.8 linux-riscv linux-riscv linux-nvidia-tegra linux-riscv-6.17 linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-hwe-7.0 linux-ibm linux-xilinx linux linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-hwe-7.0 linux-xilinx linux-nvidia-tegra linux-nvidia-tegra-igx linux linux-aws linux-nvidia-tegra-igx linux linux-nvidia-tegra linux-realtime linux-oracle linux-riscv-6.8 linux-riscv linux-riscv linux-riscv-6.17 linux-riscv linux linux-riscv-6.8 linux-riscv linux-riscv-7.0 linux-azure-nvidia linux-riscv-6.17 linux-nvidia-tegra
|
| CVE |
CVE-2026-43500 |
In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA |
linux linux linux linux linux linux-nvidia-tegra linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-gcp linux-gke linux-riscv linux-riscv linux-riscv-6.17 linux-hwe-6.17 linux-hwe-6.8 linux-azure-fde linux-lowlatency-hwe-6.8 linux-riscv linux-riscv linux-nvidia-tegra linux-riscv-6.17 linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-hwe-7.0 linux-ibm linux-xilinx linux linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-hwe-7.0 linux-xilinx linux-nvidia-tegra linux-nvidia-tegra-igx linux linux-aws linux-nvidia-tegra-igx linux linux-nvidia-tegra linux-realtime linux-oracle linux-riscv-6.8 linux-riscv linux-riscv linux-riscv-6.17 linux-riscv linux linux-riscv-6.8 linux-riscv linux-riscv-7.0 linux-azure-nvidia linux-riscv-6.17 linux-nvidia-tegra
|
| CVE |
CVE-2026-46333 |
In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fu |
linux linux linux linux linux linux-nvidia-tegra linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-gcp linux-gke linux-riscv linux-riscv linux-riscv-6.17 linux-hwe-6.17 linux-hwe-6.8 linux-azure-fde linux-lowlatency-hwe-6.8 linux-riscv linux-riscv linux-nvidia-tegra linux-riscv-6.17 linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-hwe-7.0 linux-ibm linux-xilinx linux linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-hwe-7.0 linux-xilinx linux-nvidia-tegra linux-nvidia-tegra-igx linux linux-aws linux-nvidia-tegra-igx linux linux-nvidia-tegra linux-realtime linux-oracle linux-riscv-6.8 linux-riscv linux-riscv linux-riscv-6.17 linux-riscv linux linux-riscv-6.8 linux-riscv linux-riscv-7.0 linux-azure-nvidia linux-riscv-6.17 linux-nvidia-tegra
|
| Launchpad |
2153962 |
net/rds: reset op_nents when zerocopy page pin fails |
linux linux linux linux linux linux-nvidia-tegra linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-gcp linux-gke linux-riscv linux-riscv linux-riscv-6.17 linux-hwe-6.17 linux-hwe-6.8 linux-azure-fde linux-lowlatency-hwe-6.8 linux-riscv linux-riscv linux-nvidia-tegra linux-riscv-6.17 linux-hwe-6.17 linux-riscv-6.8 linux-hwe-6.8 linux-hwe-7.0 linux-ibm linux-xilinx linux linux linux-hwe-6.17 linux-lowlatency-hwe-6.8 linux-hwe-7.0 linux-xilinx linux-nvidia-tegra linux-nvidia-tegra-igx linux linux-aws linux-nvidia-tegra-igx linux linux-nvidia-tegra linux-realtime linux-oracle linux-riscv-6.8 linux-riscv linux-riscv linux-riscv-6.17 linux-riscv linux linux-riscv-6.8 linux-riscv linux-riscv-7.0 linux-azure-nvidia linux-riscv-6.17 linux-nvidia-tegra
|
| Launchpad |
2152550 |
Resolute update: v7.0.3 upstream stable release |
linux linux-gcp linux-gke linux-azure-fde linux-hwe-7.0 linux-ibm linux linux-hwe-7.0 linux-aws linux-realtime linux-oracle linux-riscv linux-riscv linux-riscv-7.0
|
| Launchpad |
2152552 |
Resolute update: v7.0.4 upstream stable release |
linux linux-gcp linux-gke linux-azure-fde linux-hwe-7.0 linux-ibm linux linux-hwe-7.0 linux-aws linux-realtime linux-oracle linux-riscv linux-riscv linux-riscv-7.0
|
| Launchpad |
2152556 |
Resolute update: v7.0.5 upstream stable release |
linux linux-gcp linux-gke linux-azure-fde linux-hwe-7.0 linux-ibm linux linux-hwe-7.0 linux-aws linux-realtime linux-oracle linux-riscv linux-riscv linux-riscv-7.0
|
| Launchpad |
2152558 |
Resolute update: v7.0.6 upstream stable release |
linux linux-gcp linux-gke linux-azure-fde linux-hwe-7.0 linux-ibm linux linux-hwe-7.0 linux-aws linux-realtime linux-oracle linux-riscv linux-riscv linux-riscv-7.0
|
| Launchpad |
2148074 |
\ |
apparmor apparmor apparmor apparmor
|
| Launchpad |
2146747 |
[SRU] Add support for CS42L43B variant |
alsa-ucm-conf alsa-ucm-conf alsa-ucm-conf alsa-ucm-conf alsa-ucm-conf alsa-ucm-conf
|
| CVE |
CVE-2026-6637 |
Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user runni |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
| CVE |
CVE-2026-6475 |
Symlink following in PostgreSQL pg_basebackup plain format and in pg_rewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgr |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
| CVE |
CVE-2026-6477 |
Use of inherently dangerous function PQfn(..., result_is_int=0, ...) in PostgreSQL libpq lo_export(), lo_read(), lo_lseek64(), and lo_tell64() functi |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
| CVE |
CVE-2026-6478 |
Covert timing channel in comparison of MD5-hashed password in PostgreSQL authentication allows an attacker to recover user credentials sufficient to |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
| CVE |
CVE-2026-6472 |
Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use search_path to find user-defined types, inc |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
| CVE |
CVE-2026-6474 |
Externally-controlled format string in PostgreSQL timeofday() function allows an attacker to retrieve portions of server memory, via crafted timezone |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
| CVE |
CVE-2026-6575 |
Buffer over-read in PostgreSQL function pg_restore_attribute_stats() accepts array values of unmatched length, which causes query planning to read pa |
postgresql-18 postgresql-18 postgresql-18 postgresql-18
|
| CVE |
CVE-2026-6638 |
SQL injection in PostgreSQL logical replication ALTER SUBSCRIPTION ... REFRESH PUBLICATION allows a subscriber table creator to execute arbitrary SQL |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-17
|
| CVE |
CVE-2026-6476 |
SQL injection in PostgreSQL pg_createsubscriber allows an attacker with pg_create_subscription rights to execute arbitrary SQL as a superuser. The a |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-18 postgresql-18 postgresql-17 postgresql-17
|
| CVE |
CVE-2026-6473 |
Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and wri |
postgresql-18 postgresql-18 postgresql-17 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-18 postgresql-18 postgresql-17 postgresql-16 postgresql-16 postgresql-14 postgresql-14 postgresql-17
|
Packages changelogs