Linux Distros Unpatched Vulnerability : CVE-2026-46201

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Fix dma-buf attachment leak in xegemprimeimport When xedmabufinitobj fails, the attachment from dmabufdynamicattach is not detached. Add dmabufdetach...

Security update for the Linux Kernel (important)

openSUSE security update: security update for the linux kernel ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20826-1 Rating: important References: bsc1215199 bsc1234634 bsc1241259 bsc1243603 bsc1248754 bsc1249104 bsc1250951 bsc1253471 bsc1254518...

Linux Distros Unpatched Vulnerability : CVE-2026-46147

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem...

Linux Distros Unpatched Vulnerability : CVE-2026-45913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bridge: mcast: always update mdbnentries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that the...

Linux Distros Unpatched Vulnerability : CVE-2026-46116

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load ...

Linux Distros Unpatched Vulnerability : CVE-2026-46224

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage...

Alibaba Cloud Linux 3 : 0140: cloud-kernel bugfix, enhancement and (ALINUX3-SA-2026:0140)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0140 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-46333: In the Linux kernel, the following...

Linux Distros Unpatched Vulnerability : CVE-2026-45895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It...

Linux Distros Unpatched Vulnerability : CVE-2026-45851

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efi: Fix reservation of unaccepted memory table The reserveunaccepted function incorrectly calculates the size of the memblock reservation for the unaccepted...

Linux Distros Unpatched Vulnerability : CVE-2026-45847

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: remove WARNONONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARNONONCE if...

Linux Distros Unpatched Vulnerability : CVE-2026-45886

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix bpfxdpstorebytes proto for read-only arg While making some maps in Cilium read-only from the BPF side, we noticed that the bpfxdpstorebytes proto is...

Linux Distros Unpatched Vulnerability : CVE-2026-46106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 eventfs: Update all the eventfsinodes from the events descriptor had...

Linux Distros Unpatched Vulnerability : CVE-2026-45925

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - thermal/of: Fix reference leak in thermalofcmlookup In thermalofcmlookup, trnp is obtained via ofparsephandle, but never released. Use the freedevicenode cleanu...

Linux Distros Unpatched Vulnerability : CVE-2026-45903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix memory access flags in helper prototypes After commit 37cce22dbd51 bpf: verifier: Refactor helper access type tracking, the verifier started relying on...

Linux Distros Unpatched Vulnerability : CVE-2026-45907

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: Fix deadlocks between devlink and netdev instance locks In the mentioned Fixes commit, various work tasks triggering devlink health reporter recovery...

CVE-2025-71304

A flaw was found in the Linux kernel's Smack module. A local user with privileges to modify Smack's Domain of Interpretation DOI values could cause a denial of service. By writing a previously used DOI value to /smack/doi, networking for non-ambient labels becomes disabled. This prevents network...

CVE-2025-71303

A flaw was found in the Linux kernel. Specifically, within the accel/amdxdna component, a timing issue, known as a race condition, exists during device power management. A local application could submit commands while the device is in an inconsistent state due to an incomplete resume operation...

CVE-2025-71307

A flaw was found in the Linux kernel's drm/panthor component. This vulnerability, a NULL pointer dereference, occurs during the firmware unplug process when the Microcontroller Unit MCU is in an unexpected state or its firmware is not initialized. This can lead to system instability or a denial o...

CVE-2025-71306

A flaw was found in the Linux kernel's Integrity Measurement Architecture IMA subsystem. This vulnerability involves a stack-out-of-bounds access within the imaappraisemeasurement function during the processing of bprmcreds for execution. An attacker could potentially trigger this flaw by causing...

CVE-2025-71309

A flaw was found in the Linux kernel's ntfs3 filesystem driver. An issue with incorrect lock ordering between the inode mutex and page locks during compressed frame reading can lead to a deadlock. This vulnerability allows a local attacker to cause a system to hang, resulting in a Denial of Servi...