Skip to content

TheWindowsUpdate.com

Opinions, tips, and news orbiting Microsoft

Search for:

Primary menu

Home
About TheWindowsUpdate.com

CVE-2024-50066 mm/mremap: fix move_normal_pmd/retract_page_tables race

Posted on February 21, 2026 by Syndicated News — No Comments ↓

This post has been republished via RSS; it originally appeared at: MSRC Security Update Guide.

Information published.

This entry was posted in Republished Content by Syndicated News. Bookmark the permalink.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Comment *

Name *

Email *

Website

Δ

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Post navigation

← Previous Previous post: CVE-2022-27779 libcurl wrongly allows cookies to be set for Top Level Domains (TLDs) if thehost name is provided with a trailing dot.curl can be told to receive and send cookies. curl’s “cookie engine” can bebuilt with or without [Public Suffix List](https://publicsuffix.org/)awareness. If PSL support not provided a more rudimentary check exists to atleast prevent cookies from being set on TLDs. This check was broken if thehost name in the URL uses a trailing dot.This can allow arbitrary sites to set cookies that then would get sent to adifferent and unrelated site or domain.

Next → Next post: CVE-2024-46679 ethtool: check device is present when getting link settings

Primary Sidebar Widget Area

Search for:

Recent Posts

Microsoft and OpenAI joint statement on continuing partnership
CVE-2026-27571 nats-server websockets are vulnerable to pre-auth memory DoS
CVE-2025-69873 ajv (Another JSON Schema Validator) before 8.18.0 is vulnerable to Regular Expression Denial of Service (ReDoS) when the $data option is enabled. The pattern keyword accepts runtime data via JSON Pointer syntax ($data reference), which is passed directly to the JavaScript RegExp() constructor without validation. An attacker can inject a malicious regex pattern (e.g., “^(a|a)*$”) combined with crafted input to cause catastrophic backtracking. A 31-character payload causes approximately 44 seconds of CPU blocking, with each additional character doubling execution time. This enables complete denial of service with a single HTTP request against any API using ajv with $data: true for dynamic schema validation.
CVE-2026-27969 Vitess users with backup storage access can write to arbitrary file paths on restore
CVE-2026-27965 Vitess users with backup storage access can gain unauthorized access to production deployment environments

Archives

Copyright © 2026 TheWindowsUpdate.com. All Rights Reserved.

Theme: Catch Box by Catch Themes

Scroll Up