Articles from 2026
Browse all Windows news articles published in 2026
CVE-2026-31507: Linux kernel double-free in SMC splice with tee() leads to panic
In the Linux kernel, CVE-2026-31507 exposes a deceptively small-looking bug with outsized consequences: a double-free of smc_spd_priv when tee() duplicates an SMC splice pipe buffer. The flaw sits in
SMC CVE-2026-31507: tee() splice double-free leads to Linux kernel panic
The Linux kernel’s SMC networking stack is back in the security spotlight with CVE-2026-31507, a flaw that can turn a seemingly ordinary tee operation into a double-free and, in practice, a kernel cra
CVE-2026-31485: SPI fsl lpspi Teardown Race Can Crash DMA Transfers
A newly published Linux kernel CVE is drawing attention for a reason that should concern anyone running embedded or appliance-class Linux systems: CVE-2026-31485 is a use-after-free-style teardown rac
Btrfs CVE-2026-31519: broken subvolume dentries cause ENOENT and possible abort
Background A newly published Linux kernel CVE is drawing attention to a subtle but very real Btrfs failure mode:
Btrfs CVE-2026-31519: Subvolume Orphan Cleanup Flag Bug Causes ENOENT/EEXIST
CVE-2026-31519 is a classic example of a small-looking filesystem bug producing a very awkward operational failure mode. In Btrfs, a subvolume can wind up with a broken dentry state where directory li
CVE-2026-31446 ext4 UAF: Fixing a Sysfs Teardown Race
CVE-2026-31446 is a reminder that some of the most dangerous Linux kernel flaws are not dramatic crashes or headline-grabbing remote exploits, but small timing mistakes in teardown code that only appe
CVE-2026-31446 ext4 UAF Race: sysfs teardown and update_super_work explained
CVE-2026-31446 is the sort of Linux kernel bug that looks deceptively narrow until you follow the race all the way through the teardown path. The flaw sits in ext4’s update_super_work logic, where a w
CVE-2026-31449: ext4 Fix Prevents Slab Out-of-Bounds Read in Extent Indexes
Linux administrators received a fresh reminder this week that ext4’s maturity does not make it immune to memory-safety bugs. CVE-2026-31449 is a slab-out-of-bounds read in the Linux kernel’s ext4 exte
CVE-2026-31510 Linux Bluetooth Fix: Prevent Null Deref in L2CAP
Linux has published another Bluetooth kernel fix that looks small on the surface but matters for anyone tracking availability and stability risks in the network stack. CVE-2026-31510 covers a null-poi
CVE-2026-31449 Ext4 Bounds Check Fix: Prevent Slab OOB Reads
CVE-2026-31449 is a reminder that some of the most consequential Linux kernel bugs are not flashy exploit chains, but narrow trust failures inside core filesystem machinery. In this case, the flaw sit
CVE-2026-31510: Linux Bluetooth L2CAP NULL Dereference Crash in Workqueue
Linux has published CVE-2026-31510 for a Bluetooth L2CAP bug that can crash the kernel when l2cap_sock_ready_cb touches a sk pointer without first checking whether it is NULL. The published record inc
CVE-2026-31489: Linux meson-spicc Double-Put in SPI Teardown Explained
The Linux kernel’s newly published CVE-2026-31489 is a small-looking bug with a very familiar shape: a reference-counting mistake in driver teardown that can become a correctness and stability problem