PT-2026-47366

In the Linux kernel, the following vulnerability has been resolved: dm: fix a buffer overflow in ioctl processing Tony Asleson using Claude found a buffer overflow in dm-ioctl in the function retrieve status: 1. The code in retrieve status checks that the output string fits into the output buffer...

PT-2026-47382

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: fix access to stale wptr mapping Use drm exec to take both locks i.e vm root bo and wptr obj bo to access the mapping data properly. This fixes the security issue of unmap the wptr obj while a queue creation is ...

Linux Distros Unpatched Vulnerability : CVE-2026-46276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu: fix zero-size GDS range init on RDNA4 RDNA4 GFX 12 hardware removes the GDS, GWS, and OA on- chip memory resources. The gfxv120 initialisation code...

PT-2026-47353

In the Linux kernel, the following vulnerability has been resolved: vmalloc: fix buffer overflow in vrealloc node align Commit 4c5d3365882d "mm/vmalloc: allow to set node and align in vrealloc" added the ability to force a new allocation if the current pointer is on the wrong NUMA node, or if an...

Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2026-1817)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1817 advisory. In the Linux kernel, the following vulnerability has been resolved: i40e: remove read access to debugfs files CVE-2025-39901 In the Linux kernel, the following vulnerability has been resolved:...

Amazon Linux 2023 : nvidia-imex (ALAS2023NVIDIA-2026-288)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023NVIDIA-2026-288 advisory. NVIDIA Display Driver for Windows and Linux contains a vulnerability in the kernel driver, where a user could cause an incorrect permission assignment for a critical resource. A successfu...

TencentOS Server 3: kernel (TSSA-2026:0419)

"The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0419 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilitie...

TencentOS Server 2: kernel (TSSA-2026:0418)

"The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0418 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilitie...

Security update for the Linux Kernel (important)

openSUSE security update: security update for the linux kernel ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20912-1 Rating: important References: bsc1243603 bsc1260539 bsc1260584 bsc1261590 bsc1262634 bsc1262656 bsc1262668 bsc1262754 bsc1262755...

PT-2026-47357

In the Linux kernel, the following vulnerability has been resolved: mtd: docg3: fix use-after-free in docg3 release In docg3 release, the docg3 pointer is obtained from cascade-floors0-priv before the loop that calls doc release device on each floor. doc release device frees the docg3 struct via...

PT-2026-47377

In the Linux kernel, the following vulnerability has been resolved: flow dissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

PT-2026-47384

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: fix error pointer dereference In a error path isp-psys is confirmed to be an error pointer not NULL so this condition is true and the error pointer is dereferenced. So isp-psys should be set to NULL before goin...

PT-2026-47351

In the Linux kernel, the following vulnerability has been resolved: mm/alloc tag: clear codetag for pages allocated before page ext initialization Due to initialization ordering, page ext is allocated and initialized relatively late during boot. Some pages have already been allocated and freed...

PT-2026-47354

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When device property read string fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual...

Linux Distros Unpatched Vulnerability : CVE-2026-46280

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib: testhmm: evict device pages on file close to avoid use-after-free Patch series Minor hmmtest fixes and cleanups. Two bugfixes a cleanup for the HMM kernel...

PT-2026-47306

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Convert to DRM's vblank timer Replace vkms' vblank timer with the DRM implementation. The DRM code is identical in concept, but differs in implementation. Vblank timers are covered in vblank helpers and initializer...

PT-2026-47383

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: Set vma flags in vb2 dma sg mmap vb2 dma contig sets VMA flags VM DONTEXPAND and VM DONTDUMP and I do not see a reason why vb2 dma sg should behave differently. This avoids hitting WARN ON!vma-vm flags & VM...

PT-2026-47358

In the Linux kernel, the following vulnerability has been resolved: leds: qcom-lpg: Check for array overflow when selecting the high resolution When selecting the high resolution values from the array, FIELD GET is used to pull from a 3 bit register, yet the array being indexed has only 5 values ...

PT-2026-47363

In the Linux kernel, the following vulnerability has been resolved: crypto: caam - guard HMAC key hex dumps in hash digest key Use print hex dump devel for dumping sensitive HMAC key bytes in hash digest key to avoid leaking secrets at runtime when CONFIG DYNAMIC DEBUG is enabled...

PT-2026-47367

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Do IRR scan in kvm apic update irr even if PIR is empty Fall back to apic find highest vector when PID.ON is set but PIR turns out to be empty, to correctly report the highest pending interrupt from the existing IRR. In...