CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2026-23173 net/mlx5e: TC, delete flows only for existing peers

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2026-23173

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, delete flows only for existing peers When deleting TC steering flows, iterate only over actual devcom peers instead of assuming all possible ports exist. This avoids touching non-existent peers and ensures cleanup ...

CVE-2026-23157 btrfs: do not strictly require dirty metadata threshold for metadata writepages

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages BUG There is an internal report that over 1000 processes are waiting at the ioscheduletimeout of balancedirtypages, causing a system hang and trigger...

CVE-2026-23157 btrfs: do not strictly require dirty metadata threshold for metadata writepages

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not strictly require dirty metadata threshold for metadata writepages BUG There is an internal report that over 1000 processes are waiting at the ioscheduletimeout of balancedirtypages, causing a system hang and trigger...

Linux Distros Unpatched Vulnerability : CVE-2026-23183

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cgroup/dmem: fix NULL pointer dereference when setting max An issue was triggered: BUG: kernel NULL pointer dereference, address: 0000000000000000 PF: superviso...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255594. CVE-2023-54142: gtp: Fix use-after-free in gtpencapdestroy bsc1256095...

kernel: Bluetooth: hci_event: call disconnect callback before deleting conn

A flaw was found in the Linux kernel in which a callback is not called when a Bluetooth peripheral is disconnected. This flaw leads to a use-after-free, which an attacker could use to escalate their privileges, corrupt system memory, or otherwise cause a denial of service...

RHBA-2025:6279 Red Hat Bug Fix Advisory: kernel bug fix and enhancement update

Bulletin has no description...

CVE-2026-23099

In the Linux kernel, the following vulnerability has been resolved: bonding: limit BONDMODE8023AD to Ethernet devices BONDMODE8023AD makes sense for ARPHRDETHER only. syzbot reported: BUG: KASAN: global-out-of-bounds in hwaddrcreate net/core/devaddrlists.c:63 inline BUG: KASAN: global-out-of-boun...

UBUNTU-CVE-2026-23104

In the Linux kernel, the following vulnerability has been resolved: ice: fix devlink reload call trace Commit 4da71a77fc3b "ice: read internal temperature sensor" introduced internal temperature sensor reading via HWMON. icehwmoninit was added to iceinitfeature and icehwmonexit was added to...

CVE-2026-23099 bonding: limit BOND_MODE_8023AD to Ethernet devices

In the Linux kernel, the following vulnerability has been resolved: bonding: limit BONDMODE8023AD to Ethernet devices BONDMODE8023AD makes sense for ARPHRDETHER only. syzbot reported: BUG: KASAN: global-out-of-bounds in hwaddrcreate net/core/devaddrlists.c:63 inline BUG: KASAN: global-out-of-boun...

kernel: mptcp: Use __sk_dst_get() and dst_dev_rcu() in mptcp_active_enable()

A use-after-free flaw was found in Multipath TCP in the Linux kernel in net/mptcp/ctrl.c:mptcpactiveenablecode due to concurrency problem. This flaw could allow an attacker to crash the system at device disconnect. This vulnerability could even lead to a kernel information leak problem...

CVE-2026-23025 mm/page_alloc: prevent pcp corruption with SMP=n

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005063)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005063 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005005)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005005 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: do not allow call hns3nicnetopen repeatedly hns3nicnetopen is not allowed to called...

CVE-2026-23010 ipv6: Fix use-after-free in inet6_addr_del().

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6addrdel. syzbot reported use-after-free of inet6ifaddr in inet6addrdel. 0 The cited commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary addresses in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004917)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004917 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't BUG if userspace injects an interrupt with GIF=0 Don't BUG/WARN on interrupt...

CVE-2026-22976

CVE-2026-22976 affects the Linux kernel’s net/sched sch_qfq, where two qfq_class objects can reference the same leaf_qdisc. In certain teardown paths (e.g., when a qdisc is pending destruction via tc_new_tfilter and another qdisc is root-attached), a shared leaf_qdisc may have q.qlen > 0 while...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000646)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000646 advisory. The sndtimerinterrupt function in sound/core/timer.c in the Linux kernel before 4.4.1 does not properly maintain a certain linked list, which allows local users to...