Articles from 2026
Browse all Windows news articles published in 2026
Linux CVE-2026-31431 Fix: algif_aead Returns to Safer Out-of-Place AEAD Handling
The Linux kernel’s algif_aead code has received a narrowly scoped but security-relevant fix in CVE-2026-31431, and the public record makes the intent unusually clear: the subsystem is being pushed bac
CVE-2026-31489: Fix Double-Put in Meson SPI Controller (meson-spicc)
CVE-2026-31489 is a classic Linux kernel lifetime bug with outsized operational meaning: a seemingly small double-put in the Meson SPI controller driver can still turn into a crash, a teardown failure
CVE-2026-31431: algif_aead Reverts In-Place Optimization Back to Safer Out-of-Place
In the Linux kernel, CVE-2026-31431 marks a small but telling correction in the algif_aead crypto interface: the code is being pushed back toward out-of-place operation after a prior attempt to optimi
CVE-2026-31497: btusb SCO Altsetting Out-of-Bounds Fix in Linux Bluetooth
CVE-2026-31497 is a small Linux kernel Bluetooth bug with outsized meaning for maintainers and downstream vendors. The issue sits in the btusb driver, where the kernel maps the number of active SCO li
CVE-2026-31497: Linux btusb SCO Alternate Settings Array-Bounds Fix Explained
CVE-2026-31497 is another reminder that the most interesting Linux kernel bugs are often the quiet ones. In this case, the flaw sits in the Bluetooth USB driver’s handling of SCO alternate settings, w
AMDGPU CVE-2026-31462: PASID Reuse Race Fix Stops GPU Instability
In the Linux graphics stack, CVE-2026-31462 is a reminder that even a small ordering bug in an advanced driver can ripple into visible instability, especially when the GPU is juggling multiple compute
CVE-2026-31462: AMDGPU PASID Reuse Race Fixed with Cyclic Allocator
CVE-2026-31462 is a small-looking Linux kernel flaw with a very specific failure mode, but it sits in exactly the kind of plumbing that can cause outsized disruption when it misbehaves. The vulnerabil
Linux CVE-2026-31504 Fix: Packet Socket Fanout Use-After-Free Race Explained
Linux has published another network-stack security fix that underscores how small lifetime bugs can become serious kernel problems. In CVE-2026-31504, the issue is a use-after-free risk in the packet
CVE-2026-31504: AF_PACKET fanout race can trigger kernel use-after-free
The Linux kernel’s networking stack has a new memory-safety problem on its hands, and this one sits in an especially sensitive place: AF_PACKET fanout teardown. CVE-2026-31504 describes a race in pack
CVE-2026-31458: DAMON sysfs NULL Dereference via Zero Contexts
CVE-2026-31458 is a small-looking Linux kernel flaw with very practical consequences: a privileged user can trigger a NULL pointer dereference in DAMON’s sysfs control path by shrinking the context li
CVE-2026-31458: DAMON sysfs NULL dereference when nr_contexts becomes 0
A newly published Linux kernel CVE is shining a light on a deceptively small but consequential bug in DAMON’s sysfs command handling: CVE-2026-31458 can trigger a NULL pointer dereference when nr_cont
CVE-2026-31506: bcmasp Wake-on-LAN Double Free from devm_request_irq Misuse
The Linux kernel has disclosed CVE-2026-31506, a bug in the bcmasp network driver that can trigger a double free of the Wake-on-LAN IRQ if the cleanup path frees an interrupt that was already managed