CVE-2026-31438

CVE-2026-31438 affects the Linux kernel netfs code. A BUG occurs in netfs_limit_iter() when processing ITER_KVEC iterators (e.g., during core-dump to 9P), because ITER_KVEC is not dispatched like other supported types. The fix adds netfs_limit_kvec() (paralleling netfs_limit_bvec()) and dispatche...

CVE-2026-31438 netfs: Fix kernel BUG in netfs_limit_iter() for ITER_KVEC iterators

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix kernel BUG in netfslimititer for ITERKVEC iterators When a process crashes and the kernel writes a core dump to a 9P filesystem, kernelwrite creates an ITERKVEC iterator. This iterator reaches netfslimititer via...

CVE-2026-6386

In order to apply a particular protection key to an address range, the kernel must update the corresponding page table entries. The subroutine which handled this failed to take into account the presence of 1GB largepage mappings created using the shmcreatelargepage3 interface. In particular, it...

kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match()

A flaw was found in the Linux kernel’s SMC Shared Memory Communication module: in smcclcprfxmatch, the function is called from smclistenwork without proper RCU or RTNL protection. The code previously used skdstgetsk-dev, which can lead to a use-after-free UAF condition if the sk’s destination is...

PT-2026-34418

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap ecred conn req Syzbot reported a KASAN stack-out-of-bounds read in l2cap build cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...

PT-2026-34361

In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault The splitting of a PUD entry in walk pud range can race with a concurrent thread refaulting the PUD leaf entry causing it to try walking a PMD range that has disappeared...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013733)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013733 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel...

FreeBSD : FreeBSD -- Kernel use-after-free bug in the TIOCNOTTY handler (971b5528-3def-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 971b5528-3def-11f1-bb07-bc241121aa0a advisory. The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4setattr function. When the truncation operation exceeds the inline capacity, the inline...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010787 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013036)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013036 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scoconnfree BUG: KASAN: slab-use-after-free in scoconnfree...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011011 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, cgroup: Fix kernel BUG in purgeeffectiveprogs Syzkaller reported a triggered kernel BUG as...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010942 advisory. In the Linux kernel, the following vulnerability has been resolved: nexthop: Forbid FDB status change while nexthop is in a group The kernel forbids the creation of...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013135 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 When walking through an inode...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007542)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007542 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when...

net/sched: cls_fw: fix NULL pointer dereference on shared blocks

...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006802 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submitbhwbc Fix a bug where nilfsgetblock returns a successful stat...

EUVD-2026-18774

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via gettsinfo ethtool call which is possible while the interfa...

CVE-2026-23467 drm/i915/dmc: Fix an unlikely NULL pointer deference at probe

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

CVE-2026-23374

A flaw was found in the Linux kernel's blktrace component. This vulnerability arises when the tracingrecordcmdline function attempts to access a per-CPU variable in a preemptible context, which is an unsafe operation. A local attacker could exploit this to trigger a kernel bug, potentially leadin...