CVE-2026-23130 wifi: ath12k: fix dead lock while flushing management frames

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit 1 converted the management transmission work item into a wiphy work. Since a wiphy work can only run under wiphy lock protection, a race condition happens in bel...

Siemens SCALANCE and RUGGEDCOM Improper Input Validation (CVE-2025-39853)

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix potential invalid access when MAC list is empty listfirstentry never returns NULL - if the list is empty, it still returns a pointer to an invalid object, leading to potential invalid memory access when dereferenced. Fi...

kernel: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing

In the Linux kernel, the following vulnerability has been resolved: net/sched: mqprio: fix stack out-of-bounds write in tc entry parsing TCAMQPRIOTCENTRYINDEX is validated using NLAPOLICYMAXNLAU32, TCQOPTMAXQUEUE, which allows the value TCQOPTMAXQUEUE 16. This leads to a 4-byte out-of-bounds stac...

SUSE CVE-2026-23085

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

UBUNTU-CVE-2026-23055

In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 "i2c: riic: Add suspend/resume support" added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on...

CVE-2026-23085 irqchip/gic-v3-its: Avoid truncating memory addresses

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v3-its: Avoid truncating memory addresses On 32-bit machines with CONFIGARMLPAE, it is possible for lowmem allocations to be backed by addresses physical memory above the 32-bit address limit, as found while...

Security update for the Linux Kernel

The SUSE Linux Enterprise 11 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-54168: RDMA/mlx4: Prevent shift wrapping in setusersqsize bsc1256053. CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1253291 bsc1253292...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37780)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37780 advisory. - In the Linux kernel, the following vulnerability has been resolved: isofs: Prevent the use of too small fid...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46797)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46797 advisory. - In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS...

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27433)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27433 advisory. - In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt7622-apmixedsys...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50023)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50023 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs lis...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38142)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38142 advisory. - In the Linux kernel, the following vulnerability has been resolved: hwmon: asus-ec-sensors check sensor inde...

SUSE CVE-2025-68821

In the Linux kernel, the following vulnerability has been resolved: fuse: fix readahead reclaim deadlock Commit e26ee4efbc79 "fuse: allocate ff-releaseargs only if release is needed" skips allocating ff-releaseargs if the server does not implement open. However in doing so, fusepreparerelease now...

CVE-2025-71118

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Avoid walking the Namespace if startnode is NULL Although commit 0c9992315e73 "ACPICA: Avoid walking the ACPI Namespace if it is not there" fixed the situation when both startnode and acpigblrootnode are NULL, the Linux...

CVE-2025-71100 wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cutxfilldesc TID getting from ieee80211gettid might be out of range of array size of staentry-tids, so check TID is less than MAXTIDCOUNT. Othwerwise, UBSAN warn: UBSAN:...

CVE-2025-68780 sched/deadline: only set free_cpus for online runqueues

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: only set freecpus for online runqueues Commit 16b269436b72 "sched/deadline: Modify cpudl::freecpus to reflect rd-online" introduced the cpudlset/clearfreecpu functions to allow the cpudl::freecpus mask to be...

CVE-2025-68769

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fsrecoverfsyncdata With below scripts, it will trigger panic in f2fs: mkfs.f2fs -f /dev/vdd mount /dev/vdd /mnt/f2fs touch /mnt/f2fs/foo sync echo 111 /mnt/f2fs/foo f2fsio fsync /mnt/f2fs/foo f2fsio...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: Crash: Fix for crashkernel resource shrinkage. When crashkernel is configured with a high reservation, shrinking its value below the low crashkernel reservation causes two issues: 1. Invalid crashkernel resource objects. 2. Kerne...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: Media: imon: Make sendpacket more robust syzbot reports that imon has three problems that result in hung tasks due to continuously holding the device lock 1. The first problem is that when usbrxcallbackintf0 receives an -EPROT...

PT-2026-27760

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Bluetooth L2CAP implementation. The code incorrectly handles multiple L2CAP ECRED CONN REQ requests, potentially leading to an overflow in the...