UBUNTU-CVE-2026-46197

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: validate SVM ioctl nattr against buffer size Validate nattr field against the buffer size, preventing out-of-bounds buffer access via user-controlled attribute count. cherry picked from commit...

SUSE CVE-2025-71304

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...

SUSE CVE-2026-46085

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxkad crypto unalignment handling Fix handling of a packet with a misaligned crypto length. Also handle non-ENOMEM errors from decryption by aborting. Further, remove the WARNONONCE so that it can't be remotely trigger...

PT-2026-44324

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix dma-buf attachment leak in xe gem prime import When xe dma buf init obj fails, the attachment from dma buf dynamic attach is not detached. Add dma buf detach before returning the error. Note: we cannot use goto out er...

CVE-2026-46100 fs: afs: revert mmap_prepare() change

In the Linux kernel, the following vulnerability has been resolved: fs: afs: revert mmapprepare change Partially reverts commit 9d5403b1036c "fs: convert most other genericfilemmap users to .mmapprepare". This is because the .mmap invocation establishes a refcount, but .mmapprepare is called at a...

SUSE-SU-2026:21761-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes one security issue The following security issue was fixed: - CVE-2026-43284: xfrm: esp: avoid in-place decrypt on shared skb frags bsc1264459...

PT-2026-37556

In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skb may tx timestamp skb may tx timestamp may acquire sock::sk callback lock. The lock must not be taken in IRQ context, only softirq is okay. A few drivers receive the timestamp via a dedicated interrupt an...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: fs: Pass the ATGETATTRNOSEC flag to the getattr interface function. When vfsgetattrnosec calls the getattr interface function of a filesystem, the nosec flag should be propagated into this function, so that vfsgetattrnosec can be...

CVE-2026-31516 xfrm: prevent policy_hthresh.work from racing with netns teardown

In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policyhthresh.work from racing with netns teardown A XFRMMSGNEWSPDINFO request can queue the per-net work item policyhthresh.work onto the system workqueue. The queued callback, xfrmhashrebuild, retrieves the...

CVE-2026-31428

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: fix uninitialized padding leak in NFULAPAYLOAD buildpacketmessage manually constructs the NFULAPAYLOAD netlink attribute using skbput and skbcopybits, bypassing the standard nlareserve/nlaput helpers. Whi...

CVE-2026-31405

In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The ulemandatoryexthandlers and uleoptionalexthandlers tables in handleoneuleextension are declared with 255 elements valid indices 0-254, but the index htype is deriv...

SUSE SLES15 Security Update : kernel RT (Live Patch 6 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:0147-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0147-1 advisory. This update for the SUSE Linux Enterprise kernel 640-150700.7.22 fixes various security issues The following security issues were fixed: -...

CVE-2025-71090

CVE-2025-71090 describes a Linux kernel NFS daemon leak in nfsd4_add_rdaccess_to_wrdeleg(). The function overwrites fp->fi_fds[O_RDONLY] with a new nfsd_file even when a SHARE_ACCESS_READ is already open, thereby orphaning the prior reference. It previously stored the same nfsd_file pointer in...

CVE-2023-54245

CVE-2023-54245 concerns a Linux kernel vulnerability in ASoC: codecs: tx-macro where a KASAN slab-out-of-bounds read occurred (regcache_flat_read path). The issue manifested under syzkaller as a read from regcache_flat_read traced through regmap_READ/UPDATE_BITS and snd_soc_component_write_field,...

kernel: drm/gem: Acquire references on GEM handles for framebuffers

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attached to a DRM framebuffer. This leads to the release of the dma-buf backing the buffer object, if any. 1...

Security update for the Linux Kernel (Live Patch 71 for SUSE Linux Enterprise 12 SP5)

This update for the SUSE Linux Enterprise kernel 4.12.14-122.269 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2025-38617: net/packet: fix a race in packetsetring and packetnotifier...

kernel: ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init()

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix UB due to uninitialized stack access in ipvsprotocolinit Under certain kernel configurations when building with Clang/LLVM, the compiler does not generate a return or jump as the terminator instruction for...

Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise kernel 5.14.21-150400.24.144 fixes various security issues The following security issues were fixed: CVE-2022-50252: igb: Do not free qvector unless new one was allocated bsc1249847. CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989094)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989094 advisory. In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211stopap when switch from P2PGO type If the userspace tools switch from...

AZL-68915 CVE-2025-40049 affecting package kernel for versions less than 6.6.112.1-2

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfsgetparent Syzkaller reports a "KMSAN: uninit-value in squashfsgetparent" bug. This is caused by openbyhandleat being called with a file handle containing an invalid parent inode number. In...