SUSE CVE-2026-31686

In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for kasan pXds kasanfreepxd assumes the page table is always struct page aligned. But that's not always the case for all architectures. E.g. In case of powerpc with 64K pagesize, PUD table of size 4096...

CVE-2026-31686

In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for kasan pXds kasanfreepxd assumes the page table is always struct page aligned. But that's not always the case for all architectures. E.g. In case of powerpc with 64K pagesize, PUD table of size 4096...

CVE-2026-31686

CVE-2026-31686 concerns the Linux kernel kasan double-free in kasan_remove_zero_shadow related to kasan_free_pxd() handling of pxd_page() vs start of the pxd table on architectures like PowerPC with 64K pages. The issue arises when the PUD table is not page-aligned, risking double-free during mem...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: btrfs: Adjust the subpage bit start based on the sector size. When running machines with a 64k page size and a 16k node size, we began to encounter tree log corruption in production. This occurred because we sometimes did not wri...

redis:6 security update

6.2.20-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.20-1 - rebase to 6.2.20 for CVE-2025-49844 CVE-2025-46817 CVE-2025-46818 CVE-2025-46819...

Oracle Linux 8 : redis:6 (ELSA-2025-19238)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19238 advisory. 6.2.20-1.0.1 - Build with 64k pages to support redis on both UEK6 and UEK7 on aarch64 6.2.20-1 - rebase to 6.2.20 for CVE-2025-49844 CVE-2025-46817...

Linux Distros Unpatched Vulnerability : CVE-2025-37931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: adjust subpage bit start based on sectorsize When running machines with 64k page size and a 16k nodesize we started seeing tree log corruption in...

CVE-2025-21851 bpf: Fix softlockup in arena_map_free on 64k page kernel

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arenamapfree on 64k page kernel On an aarch64 kernel with CONFIGPAGESIZE64KB=y, arenahtab tests cause a segmentation fault and soft lockup. The same failure is not observed with 4k pages on aarch64. It turn...

CVE-2024-26675

In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...

CVE-2024-26675 ppp_async: limit MRU to 64K

In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...

CVE-2024-26675

In the Linux kernel, the following vulnerability has been resolved: pppasync: limit MRU to 64K syzbot triggered a warning 1 in allocpages: WARNONONCEGFPorder MAXPAGEORDER, gfp Willem fixed a similar issue in commit c0a2a1b0d631 "ppp: limit MRU to 64K" Adopt the same sanity check for...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20190226)

Security Fixes : - kernel: MIDI driver race condition leads to a double-free CVE-2018-10902 Bug Fixes : - Previously backported upstream patch caused a change in the behavior of page fault handler. As a consequence, applications compiled through GNU Compiler Collection GCC version 4.4.7 sometimes...

sqlite security update

3.7.17-6.1 - Fixes for CVE-2015-3415 CVE-2015-3414 CVE-2015-3416 Resolves: rhbz1244731 3.7.17-6 - Release bump for ppc64le 3.7.17-5 - Release bump 3.7.17-4.1 - Backport 64k page fix from latest upstream 1118151...

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kpage-64k package of the OpenSUSE operating system can be exploited, leading to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

BlackBerry Link OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 BlackBerry Link是黑莓设备的同步软件。 BlackBerry Link所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 BlackBerry Link 1.x 目前没有详细解决方案： http://www.blackberry.com...

Attachmate Reflection OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 Attachmate Reflection是一款优秀的Unix终端仿真软件。 Attachmate Reflection所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 Attachmate Reflection 14.x 目前没有详细解决方案： http://www.attachmate.com/...

IBM XIV Storage System OpenSSL TLS/DTLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 IBM XIV Storage System是一款网格存储解决方案。 IBM XIV Storage System所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 IBM XIV Storage System 11.3.0 IBM XIV Storage System 11.3.0.a IBM XIV Storage System 11.3.1 IBM XIV Storage System 11.4.1...