Skip to content

TheWindowsUpdate.com

Opinions, tips, and news orbiting Microsoft

Search for:

Primary menu

Home
About TheWindowsUpdate.com

Month: April 2026

CVE-2026-31646 net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31646 net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()→

Posted in Republished Content | Leave a reply

CVE-2026-31646 net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31646 net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()→

Posted in Republished Content | Leave a reply

CVE-2026-31606 usb: gadget: f_hid: don’t call cdev_init while cdev in use

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31606 usb: gadget: f_hid: don’t call cdev_init while cdev in use→

Posted in Republished Content | Leave a reply

CVE-2026-31606 usb: gadget: f_hid: don’t call cdev_init while cdev in use

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31606 usb: gadget: f_hid: don’t call cdev_init while cdev in use→

Posted in Republished Content | Leave a reply

CVE-2026-31555 futex: Clear stale exiting pointer in futex_lock_pi() retry path

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31555 futex: Clear stale exiting pointer in futex_lock_pi() retry path→

Posted in Republished Content | Leave a reply

CVE-2026-31557 nvmet: move async event work off nvmet-wq

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31557 nvmet: move async event work off nvmet-wq→

Posted in Republished Content | Leave a reply

CVE-2026-31619 ALSA: fireworks: bound device-supplied status before string array lookup

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-31619 ALSA: fireworks: bound device-supplied status before string array lookup→

Posted in Republished Content | Leave a reply

CVE-2026-41079 OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users

Posted on April 26, 2026 by Syndicated News — No Comments ↓

Information published. Continue reading CVE-2026-41079 OpenPrinting CUPS: Heap out-of-bounds read in SNMP supply-level polling leaks stack memory to authenticated users→

Posted in Republished Content | Leave a reply

Post navigation

← Older posts

Newer posts →

Primary Sidebar Widget Area

Search for:

Recent Posts

Achieving success with AI
CVE-2026-50656 Microsoft Defender Elevation of Privilege Vulnerability
Introducing the next Surface Pro and Surface Laptop, built for performance and flexibility
Introducing the next Surface Pro and Surface Laptop, built for performance and flexibility
CVE-2026-54411 Linux-PAM through 1.7.2 contains an observable timing discrepancy (CWE-208) in the pam_userdb module’s plaintext-password comparison path in modules/pam_userdb/pam_userdb.c that allows a local or network-adjacent attacker able to repeatedly drive authentication through a calling service to recover the plaintext password of a target account by measuring response-timing differences. The comparison uses strncmp() (or strncasecmp() when PAM_ICASE_ARG is set) preceded by a length-equality check, so the time to reject a candidate depends on the index of the first differing byte and on whether the candidate’s length matches the stored password, leaking the password length and individual prefix bytes. The vulnerable path is reached when the administrator configures pam_userdb with crypt=none, with an unrecognized crypt method, or without a crypt= argument, causing the module to store and compare credentials in plaintext.

Archives

Copyright © 2026 TheWindowsUpdate.com. All Rights Reserved.

Theme: Catch Box by Catch Themes

Scroll Up