The Linux kernel received a defensive patch in April 2024 closing a dangerous input‑validation gap in the in‑kernel SMB server (ksmbd) that let a malicious userspace component return malformed IPC replies, potentially causing kernel memory corruption and service‑stopping crashes.
Background /...
Chromium developers have closed a high‑severity upstream bug — tracked as CVE‑2025‑10201 — that the Chromium project describes as an “inappropriate implementation in Mojo” which could be abused, via a crafted HTML page, to bypass Chrome’s site‑isolation protections on Android, Linux and...
