PatchaPalooza — Recent CVE Activity
  Updated 2026-03-21T00:37:11.000Z | https://patchapalooza.com/activity

Recently modified Microsoft CVEs across all Patch Tuesday months.

CVE-2026-27135: nghttp2 Denial of service: Assertion failure due to the missing state validation (2026-Mar)
  Modified 2026-03-21T00:37:11.000Z | https://patchapalooza.com/cve/CVE-2026-27135
CVE-2026-27459: pyOpenSSL DTLS cookie callback buffer overflow (2026-Mar)
  Modified 2026-03-21T00:37:02.000Z | https://patchapalooza.com/cve/CVE-2026-27459
CVE-2026-27448: pyOpenSSL allows TLS connection bypass via unhandled callback exception in set_tlsext_servername_callback (2026-Mar)
  Modified 2026-03-21T00:36:53.000Z | https://patchapalooza.com/cve/CVE-2026-27448
CVE-2026-32775: (2026-Mar)
  Modified 2026-03-21T00:36:45.000Z | https://patchapalooza.com/cve/CVE-2026-32775
CVE-2026-3479: pkgutil.get_data() does not enforce documented restrictions (2026-Mar)
  Modified 2026-03-21T00:03:01.000Z | https://patchapalooza.com/cve/CVE-2026-3479
CVE-2026-30922: pyasn1 Vulnerable to Denial of Service via Unbounded Recursion (2026-Mar)
  Modified 2026-03-21T00:02:51.000Z | https://patchapalooza.com/cve/CVE-2026-30922
CVE-2026-3633: Libsoup: libsoup: header and http request injection via crlf injection (2026-Mar)
  Modified 2026-03-21T00:02:43.000Z | https://patchapalooza.com/cve/CVE-2026-3633
CVE-2026-3632: Libsoup: libsoup: http smuggling and server-side request forgery via malformed hostnames (2026-Mar)
  Modified 2026-03-21T00:02:34.000Z | https://patchapalooza.com/cve/CVE-2026-3632
CVE-2026-3634: Libsoup: libsoup: http header injection and response splitting via crlf injection in content-type header (2026-Mar)
  Modified 2026-03-21T00:02:26.000Z | https://patchapalooza.com/cve/CVE-2026-3634
CVE-2026-32766: astral-tokio-tar insufficiently validates PAX extensions during extraction (2026-Mar)
  Modified 2026-03-21T00:02:18.000Z | https://patchapalooza.com/cve/CVE-2026-32766
CVE-2026-23276: net: add xmit recursion limit to tunnel xmit functions (2026-Mar)
  Modified 2026-03-21T00:01:49.000Z | https://patchapalooza.com/cve/CVE-2026-23276
CVE-2026-23271: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race (2026-Mar)
  Modified 2026-03-21T00:01:44.000Z | https://patchapalooza.com/cve/CVE-2026-23271
CVE-2026-23272: netfilter: nf_tables: unconditionally bump set->nelems before insertion (2026-Mar)
  Modified 2026-03-21T00:01:38.000Z | https://patchapalooza.com/cve/CVE-2026-23272
CVE-2026-23278: netfilter: nf_tables: always walk all pending catchall elements (2026-Mar)
  Modified 2026-03-21T00:01:33.000Z | https://patchapalooza.com/cve/CVE-2026-23278
CVE-2026-23277: net/sched: teql: fix NULL pointer dereference in iptunnel_xmit on TEQL slave xmit (2026-Mar)
  Modified 2026-03-21T00:01:27.000Z | https://patchapalooza.com/cve/CVE-2026-23277
CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (2026-Mar)
  Modified 2026-03-21T00:01:22.000Z | https://patchapalooza.com/cve/CVE-2026-23274
CVE-2026-23204: net/sched: cls_u32: use skb_header_pointer_careful() (2026-Feb)
  Modified 2026-03-21T00:01:16.000Z | https://patchapalooza.com/cve/CVE-2026-23204
CVE-2026-23266: fbdev: rivafb: fix divide error in nv3_arb() (2026-Mar)
  Modified 2026-03-20T13:38:03.000Z | https://patchapalooza.com/cve/CVE-2026-23266
CVE-2026-23267: f2fs: fix IS_CHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes (2026-Mar)
  Modified 2026-03-20T13:37:56.000Z | https://patchapalooza.com/cve/CVE-2026-23267
CVE-2026-23259: io_uring/rw: free potentially allocated iovec on cache put failure (2026-Mar)
  Modified 2026-03-20T13:37:49.000Z | https://patchapalooza.com/cve/CVE-2026-23259
CVE-2025-71265: fs: ntfs3: fix infinite loop in attr_load_runs_range on inconsistent metadata (2026-Mar)
  Modified 2026-03-20T13:37:34.000Z | https://patchapalooza.com/cve/CVE-2025-71265
CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (2026-Mar)
  Modified 2026-03-20T13:37:28.000Z | https://patchapalooza.com/cve/CVE-2026-23243
CVE-2025-71267: fs: ntfs3: fix infinite loop triggered by zero-sized ATTR_LIST (2026-Mar)
  Modified 2026-03-20T13:37:21.000Z | https://patchapalooza.com/cve/CVE-2025-71267
CVE-2025-71266: fs: ntfs3: check return value of indx_find to avoid infinite loop (2026-Mar)
  Modified 2026-03-20T13:37:15.000Z | https://patchapalooza.com/cve/CVE-2025-71266
CVE-2026-23248: perf/core: Fix refcount bug and potential UAF in perf_mmap (2026-Mar)
  Modified 2026-03-20T13:37:08.000Z | https://patchapalooza.com/cve/CVE-2026-23248
CVE-2026-23242: RDMA/siw: Fix potential NULL pointer dereference in header processing (2026-Mar)
  Modified 2026-03-20T13:37:01.000Z | https://patchapalooza.com/cve/CVE-2026-23242
CVE-2026-23233: f2fs: fix to avoid mapping wrong physical block for swapfile (2026-Mar)
  Modified 2026-03-20T13:36:55.000Z | https://patchapalooza.com/cve/CVE-2026-23233
CVE-2025-71239: audit: add fchmodat2() to change attributes class (2026-Mar)
  Modified 2026-03-20T13:36:34.000Z | https://patchapalooza.com/cve/CVE-2025-71239
CVE-2026-23241: audit: add missing syscalls to read class (2026-Mar)
  Modified 2026-03-20T13:36:27.000Z | https://patchapalooza.com/cve/CVE-2026-23241
CVE-2026-23231: netfilter: nf_tables: fix use-after-free in nf_tables_addchain() (2026-Mar)
  Modified 2026-03-20T13:36:08.000Z | https://patchapalooza.com/cve/CVE-2026-23231
CVE-2025-71238: scsi: qla2xxx: Fix bsg_done() causing double free (2026-Mar)
  Modified 2026-03-20T13:36:01.000Z | https://patchapalooza.com/cve/CVE-2025-71238
CVE-2026-23236: fbdev: smscufx: properly copy ioctl memory to kernelspace (2026-Mar)
  Modified 2026-03-20T13:35:54.000Z | https://patchapalooza.com/cve/CVE-2026-23236
CVE-2025-71233: PCI: endpoint: Avoid creating sub-groups asynchronously (2026-Feb)
  Modified 2026-03-20T13:35:48.000Z | https://patchapalooza.com/cve/CVE-2025-71233
CVE-2026-23221: bus: fsl-mc: fix use-after-free in driver_override_show() (2026-Feb)
  Modified 2026-03-20T13:35:41.000Z | https://patchapalooza.com/cve/CVE-2026-23221
CVE-2026-26118: Azure MCP Server Tools Elevation of Privilege Vulnerability (2026-Mar)
  Modified 2026-03-20T06:00:00.000Z | https://patchapalooza.com/cve/CVE-2026-26118
CVE-2026-3731: libssh SFTP Extension Name sftp.c sftp_extensions_get_data out-of-bounds (2026-Mar)
  Modified 2026-03-20T00:38:05.000Z | https://patchapalooza.com/cve/CVE-2026-3731
CVE-2024-8354: Qemu-kvm: usb: assertion failure in usb_ep_get() (2024-Sep)
  Modified 2026-03-20T00:36:25.000Z | https://patchapalooza.com/cve/CVE-2024-8354
CVE-2022-46456: NASM v2.16 was discovered to contain a global buffer overflow in the component dbgdbg_typevalue at /output/outdbg.c. (2023-Jan)
  Modified 2026-03-20T00:35:47.000Z | https://patchapalooza.com/cve/CVE-2022-46456
CVE-2006-10003: XML::Parser versions through 2.47 for Perl has an off-by-one heap buffer overflow in st_serial_stack (2026-Mar)
  Modified 2026-03-20T00:04:51.000Z | https://patchapalooza.com/cve/CVE-2006-10003
CVE-2006-10002: XML::Parser versions through 2.47 for Perl could overflow the pre-allocated buffer size cause a heap corruption (double free or corruption) and crashes (2026-Mar)
  Modified 2026-03-20T00:04:46.000Z | https://patchapalooza.com/cve/CVE-2006-10002
CVE-2026-23229: crypto: virtio - Add spinlock protection with virtqueue notification (2026-Feb)
  Modified 2026-03-20T00:04:38.000Z | https://patchapalooza.com/cve/CVE-2026-23229
CVE-2026-23228: smb: server: fix leak of active_num_conn in ksmbd_tcp_new_connection() (2026-Feb)
  Modified 2026-03-20T00:04:33.000Z | https://patchapalooza.com/cve/CVE-2026-23228
CVE-2026-23227: drm/exynos: vidi: use ctx->lock to protect struct vidi_context member variables related to memory alloc/free (2026-Feb)
  Modified 2026-03-20T00:04:28.000Z | https://patchapalooza.com/cve/CVE-2026-23227
CVE-2026-23222: crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly (2026-Feb)
  Modified 2026-03-20T00:04:23.000Z | https://patchapalooza.com/cve/CVE-2026-23222
CVE-2026-23220: ksmbd: fix infinite loop caused by next_smb2_rcv_hdr_off reset in error paths (2026-Feb)
  Modified 2026-03-20T00:04:12.000Z | https://patchapalooza.com/cve/CVE-2026-23220
CVE-2026-23214: btrfs: reject new transactions if the fs is fully read-only (2026-Feb)
  Modified 2026-03-20T00:04:07.000Z | https://patchapalooza.com/cve/CVE-2026-23214
CVE-2026-23213: drm/amd/pm: Disable MMIO access during SMU Mode 1 reset (2026-Feb)
  Modified 2026-03-20T00:04:02.000Z | https://patchapalooza.com/cve/CVE-2026-23213
CVE-2026-23212: bonding: annotate data-races around slave->last_rx (2026-Feb)
  Modified 2026-03-20T00:03:57.000Z | https://patchapalooza.com/cve/CVE-2026-23212
CVE-2026-23208: ALSA: usb-audio: Prevent excessive number of frames (2026-Feb)
  Modified 2026-03-20T00:03:53.000Z | https://patchapalooza.com/cve/CVE-2026-23208
CVE-2026-23191: ALSA: aloop: Fix racy access at PCM trigger (2026-Feb)
  Modified 2026-03-20T00:03:47.000Z | https://patchapalooza.com/cve/CVE-2026-23191