Articles from 2026
Browse all Windows news articles published in 2026
CVE-2026-31485: SPI fsl lpspi Teardown Race Can Crash DMA Transfers
A newly published Linux kernel CVE is drawing attention for a reason that should concern anyone running embedded or appliance-class Linux systems: CVE-2026-31485 is a use-after-free-style teardown rac
Btrfs CVE-2026-31519: broken subvolume dentries cause ENOENT and possible abort
Background A newly published Linux kernel CVE is drawing attention to a subtle but very real Btrfs failure mode:
Btrfs CVE-2026-31519: Subvolume Orphan Cleanup Flag Bug Causes ENOENT/EEXIST
CVE-2026-31519 is a classic example of a small-looking filesystem bug producing a very awkward operational failure mode. In Btrfs, a subvolume can wind up with a broken dentry state where directory li
CVE-2026-31446 ext4 UAF: Fixing a Sysfs Teardown Race
CVE-2026-31446 is a reminder that some of the most dangerous Linux kernel flaws are not dramatic crashes or headline-grabbing remote exploits, but small timing mistakes in teardown code that only appe
CVE-2026-31446 ext4 UAF Race: sysfs teardown and update_super_work explained
CVE-2026-31446 is the sort of Linux kernel bug that looks deceptively narrow until you follow the race all the way through the teardown path. The flaw sits in ext4’s update_super_work logic, where a w
Linux ext4 vulnerability exposes systems to memory data leaks via crafted filesystems
Linux administrators received a fresh reminder this week that ext4’s maturity does not make it immune to memory-safety bugs. CVE-2026-31449 is a slab-out-of-bounds read in the Linux kernel’s ext4 exte
CVE-2026-31510: Linux Bluetooth Stack Fix Prevents Null Pointer Dereference in L2CAP
Linux has published another Bluetooth kernel fix that looks small on the surface but matters for anyone tracking availability and stability risks in the network stack. CVE-2026-31510 covers a null-poi
CVE-2026-31449: Ext4 Bounds Check Fix Prevents Slab Out-of-Bounds Reads in Linux Kernel
CVE-2026-31449 is a reminder that some of the most consequential Linux kernel bugs are not flashy exploit chains, but narrow trust failures inside core filesystem machinery. In this case, the flaw sit
Linux Bluetooth L2CAP NULL Pointer Bug Lets Attackers Crash Kernel Remotely
Linux has published CVE-2026-31510 for a Bluetooth L2CAP bug that can crash the kernel when l2cap_sock_ready_cb touches a sk pointer without first checking whether it is NULL. The published record inc
CVE-2026-31489: Linux Kernel's meson-spicc Driver Double-Put Bug Poses Stability Risk
The Linux kernel’s newly published CVE-2026-31489 is a small-looking bug with a very familiar shape: a reference-counting mistake in driver teardown that can become a correctness and stability problem
Linux Kernel Patch CVE-2026-31431 Defaults to Safer Crypto Mode, Fixes Data Leak Bug
The Linux kernel’s algif_aead code has received a narrowly scoped but security-relevant fix in CVE-2026-31431, and the public record makes the intent unusually clear: the subsystem is being pushed bac
CVE-2026-31489: Critical Double-Put Bug in Meson SPI Controller Driver Patched
CVE-2026-31489 is a classic Linux kernel lifetime bug with outsized operational meaning: a seemingly small double-put in the Meson SPI controller driver can still turn into a crash, a teardown failure