CVE-2026-53199

A flaw was found in the Linux kernel's Hyper-V network virtual service client hvnetvsc component. This vulnerability occurs in the netvsccopytosendbuf function, where incorrect memory mapping of page buffer entries can lead to a system fault. Specifically, on 32-bit x86 systems with high memory...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer that is not initialized yet. If the KVP or VSS daemon starts before the VMBus channel’s ringbuffer is fully initialized, we can encounter a panic as follows: hvutils: Registering th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: fbdev: hypervfb: Fixed a hang that occurred in the kdump kernel when running on Hyper-V Gen 2 VMs. Hyper-V Gen 2 VMs boot via EFI and have a standard EFI framebuffer device. When the kdump kernel runs in such a VM, loading the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: HID: hyperv: fixed a possible memory leak in mousevscprobe If hidadddevice returns an error, it should call hiddestroydevice to free the hiddev that was allocated in hidallocatedevice...

Astra Linux – Vulnerability in Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: drm: Check that output polling is initialized before disabling it. In drmkmshelperpolldisable, check that output polling is initialized before disabling polling. If not, flag this as a warning. Additionally, in...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, Linux, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Fixed the flushtlbrange function when it is used to zap normal PMD entries PMD entries that point to page tables, along with the PTE entries in the pointed-to page table. In the arm64 version of flushtlbrange, there is a...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fixed the initialization of the device object in vmbusdeviceregister. Initialized the device’s dmamask,parms pointers and the device’s dmamask value before invoking deviceregister. This issue was addressed in...

Security update for qemu

This update for qemu fixes the following issues: CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. CVE-2026-2243: incorrect bounds check leads to heap...

SUSE-SU-2026:2386-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to hea...

SUSE-SU-2026:2385-1 Security update for qemu

This update for qemu fixes the following issues: - CVE-2026-2243: incorrect bounds check leads to heap out-of-bounds read and a 12-byte information leak when processing specially crafted VMDK files bsc1258509. - CVE-2026-3195: heap buffer overflow when reading input audio in the virtio-snd device...

SUSE-SU-2026:21883-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

SUSE-SU-2026:21912-1 Security update for qemu

This update for qemu fixes the following issues - CVE-2025-14876: qemu-kvm: Unbounded allocation in virtio-crypto bsc1255400. - CVE-2026-0665: out-of-bounds heap access can lead to a denial of service or potential memory corruption bsc1256484. - CVE-2026-2243: incorrect bounds check leads to heap...

EUVD-2026-32841

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

CVE-2026-46076

In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-021584)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-021584 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: util: Avoid accessing a ringbuffer not initialized yet If the KVP or VSS daemon star...

PT-2026-40216

Name of the Vulnerable Software and Affected Versions Windows Hyper-V affected versions not specified Description A use after free issue in Windows Hyper-V allows an unauthorized attacker to perform a guest-to-host attack to elevate privileges locally to SYSTEM level. Use after free is a memory...

EUVD-2026-28781

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPTRT This resolves the follow splat and lock-up when running with PREEMPTRT enabled on Hyper-V: 415.140818 BUG: scheduling while atomic: stress-ng-iomix/1048/0x00000002 415.14082...

UBUNTU-CVE-2026-43475

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPTRT This resolves the follow splat and lock-up when running with PREEMPTRT enabled on Hyper-V: 415.140818 BUG: scheduling while atomic: stress-ng-iomix/1048/0x00000002 415.14082...

CVE-2026-43475

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix scheduling while atomic on PREEMPTRT This resolves the follow splat and lock-up when running with PREEMPTRT enabled on Hyper-V: 415.140818 BUG: scheduling while atomic: stress-ng-iomix/1048/0x00000002 415.14082...

SUSE CVE-2026-33414

Podman is a tool for managing OCI containers and pods. Versions 4.8.0 through 5.8.1 contain a command injection vulnerability in the HyperV machine backend in pkg/machine/hyperv/stubber.go, where the VM image path is inserted into a PowerShell double-quoted string without sanitization, allowing $...