CVE-2026-46301

Publié : 8 juin 2026

Modifié : 8 juin 2026

Description détaillée

In the Linux kernel, the following vulnerability has been resolved: spi: topcliff-pch: fix use-after-free on unbind Give the driver a chance to flush its queue before releasing the DMA buffers on driver unbind

Références et Patchs

https://git.kernel.org/stable/c/0e8e57f9737ea257634db1d152fc430a0788a3e1 https://git.kernel.org/stable/c/36e58c436d2c2a797800427dc04d74ffd8b6ce1c https://git.kernel.org/stable/c/43334836b907adc21eab3079d2e6b26754468786 https://git.kernel.org/stable/c/4ca90deeca1c7dd72c1c380ba8143565516def2d https://git.kernel.org/stable/c/8822980668c96b5aa251c1e2daec1873262b8f3f https://git.kernel.org/stable/c/9d72732fe70c11424bc90ed466c7ccfa58b42a9a https://git.kernel.org/stable/c/d50ef3553acbacce6f2843304d41d06dca358bb6 https://git.kernel.org/stable/c/d79e92161b65832e0b8cad5f3d84d17e5cd7a970

Dernières Vulnérabilités

CVE-2026-44541

Fides is an open-source privacy engineering platform. From version 2.33.0 to before version 2.84.5, there is a DOM-based XSS vulnerability in fides.js via the fides_description override. This issue has been patched in version 2.84.5.

VOIR DÉTAILS

CVE-2026-40215

A race condition in OpenVPN 2.6.0 through 2.6.19 and 2.7_alpha1 through 2.7.1 allows remote attackers to potentially cause a server crash or leak heap memory via a use-after-free triggered during TLS session promotion.

VOIR DÉTAILS

CVE-2026-11585

A vulnerability was determined in CodeAstro Student Attendance Management System 1.0. Affected is an unknown function of the file /attendance-php/Admin/createClassArms.php. This manipulation of the argument classId causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

VOIR DÉTAILS