qemu-kvm security update

7.2.0-37.el9 - hashing: use mmap/munmap for isal functions Elena Ufimtseva Orabug: 39165991 - multifd: replace allocations/free with mmap/munmap Elena Ufimtseva Orabug: 39165991 - pagecache: use mmap based data pool for cache items Elena Ufimtseva Orabug: 39165991 - pagecache: change cache...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013052)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013052 advisory. In the Linux kernel, the following vulnerability has been resolved: amdgpu: validate offsetinbo of drmamdgpugemva This is motivated by OOB access in...

CVE-2026-40572

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 MemoryMapRange allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical...

Juju: In-Memory Token Store for Discharge Tokens Lacks Concurrency Safety and Persistence

Summary The localLoginHandlers struct in the Juju API server maintains an in-memory map to store discharge tokens following successful local authentication. This map is accessed concurrently from multiple HTTP handler goroutines without any synchronization primitive protecting it. The absence of ...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-006600)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006600 advisory. An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions expanddownwards and expandupwards...

GHSA-Q6VJ-WXVF-5M8C OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp

Summary A heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in ImfContextInit.cpp when parsing a malformed EXR file through a memory-mapped IStream. A signed integer subtraction produces a negative value that is implicitly converted to sizet, resulting in a massive lengt...

CVE-2026-23352

A flaw was found in the Linux kernel. During system startup, when the kernel attempts to free memory used by EFI Extensible Firmware Interface boot services, it may fail to properly release these memory regions. This occurs because the memory freeing process is initiated before the system's memor...

EUVD-2026-15325

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

CVE-2026-23352

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

CVE-2026-23380

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix WARNON in tracingbuffersmmapclose When a process forks, the child process copies the parent's VMAs but the usermapped reference count is not incremented. As a result, when both the parent and child processes exit,...

CVE-2026-23352 x86/efi: defer freeing of boot services memory

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

SUSE CVE-2026-26981

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

CVE-2026-26981

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.3.0 through 3.3.6 and 3.4.0 through 3.4.4, a heap-buffer-overflow OOB read occurs in the istreamnonparallelread function in...

CVE-2026-23199

CVE-2026-23199 : In the Linux kernel, procfs could deadlock by fetching the optional build ID while holding the VMA lock. The fix changes PROCMAP_QUERY to obtain the optional build ID only after dropping mmap_lock or after acquiring the per-VMA lock used to guard the VMA, preventing the cross-loc...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003623)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003623 advisory. The resvmaprelease function in mm/hugetlb.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service BUG via a crafted application that mak...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002819)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002819 advisory. Use-after-free vulnerability in mm/percpu.c in the Linux kernel through 4.6 allows local users to cause a denial of service BUG or possibly have unspecified other...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002653)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002653 advisory. An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix- timers.c in the POSIX timer code is caused by the way the overr...

PT-2026-27717

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue related to the freeing of EFI boot services memory. The efi free boot services function incorrectly uses memblock free late to free memory reserved wit...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992796)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992796 advisory. In the Linux kernel, the following vulnerability has been resolved: efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption The TPM event log table is...

CVE-2025-40356 spi: rockchip-sfc: Fix DMA-API usage

In the Linux kernel, the following vulnerability has been resolved: spi: rockchip-sfc: Fix DMA-API usage Use DMA-API dmamapsingle call for getting the DMA address of the transfer buffer instead of hacking with virttophys. This fixes the following DMA-API debug warning: ------------ cut here...