Slackware Linux 15.0 / current kernel-generic Vulnerability (SSA:2026-135-02)

The version of kernel-generic installed on the remote host is prior to 5.15.207 / 5.15.207smp / 6.12.89 / 6.18.31. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-135-02 advisory. New kernel packages are available for Slackware 15.0 and -current to fix a security issue...

Linux Distros Unpatched Vulnerability : CVE-2026-43362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix in-place encryption corruption in SMB2write SMB2write places write payload in iov1..n as part of rqiov. smb3inittransformrq pointer-shares rqio...

Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-100 (ALASKERNEL-5.15-2026-100)

The version of kernel installed on the remote host is prior to 5.15.202-141.223. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-100 advisory. In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in...

CVE-2026-23212 affecting package kernel for versions less than 6.6.126.1-1

CVE-2026-23212 affecting package kernel for versions less than 6.6.126.1-1. A patched version of the package is available...

CVE-2025-39691 affecting package kernel for versions less than 5.15.200.1-1

CVE-2025-39691 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...

CVE-2025-68336 affecting package kernel for versions less than 6.6.121.1-1

CVE-2025-68336 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...

CVE-2025-68788 affecting package kernel for versions less than 6.6.121.1-1

CVE-2025-68788 affecting package kernel for versions less than 6.6.121.1-1. A patched version of the package is available...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37960)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37960 advisory. - In the Linux kernel, the following vulnerability has been resolved: memblock: Accept allocated memory before...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000839)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000839 advisory. The rdsibxmit function in net/rds/ibsend.c in the Reliable Datagram Sockets RDS protocol implementation in the Linux kernel 3.7.4 and earlier allows local users to...

AZL-74628 CVE-2025-71120 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: svcauthgss: avoid NULL deref on zero length gsstoken in gssreadproxyverf A zero length gsstoken results in pages == 0 and intoken-pages0 is NULL. The code unconditionally evaluates pageaddressintoken-pages0 for the initia...

AZL-74468 CVE-2025-68776 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

PT-2025-52929

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.10.0 1 Description The Linux kernel contained an issue where the convert context function, called within a critical section, could potentially cause a process to sleep while allocating memory using GFP KERNEL...

CVE-2025-38711 affecting package kernel for versions less than 6.6.104.2-1

CVE-2025-38711 affecting package kernel for versions less than 6.6.104.2-1. An upgraded version of the package is available that resolves this issue...

AZL-74745 CVE-2025-39894 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: brnetfilter: do not check confirmed bit in brnflocalin after confirm When send a broadcast packet to a tap device, which was added to a bridge, brnflocalin is called to confirm the conntrack. If another conntrack with...

AZL-67344 CVE-2025-39801 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: Remove WARNON for device endpoint command timeouts This commit addresses a rarely observed endpoint command timeout which causes kernel panic due to warn when 'paniconwarn' is enabled and unnecessary call trace prints...

AZL-67184 CVE-2025-39773 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...

AZL-73962 CVE-2025-39766 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit The following setup can trigger a WARNING in htbactivate due to the condition: !cl-leaf.q-q.qlen tc qdisc del dev lo root tc qdisc add dev lo root handle 1: htb...

AZL-67253 CVE-2025-39744 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: rcu: Fix rcureadunlock deadloop due to IRQ work During rcureadunlockspecial, if this happens during irqexit, we can lockup if an IPI is issued. This is because the IPI itself triggers the irqexit path causing a recursive lock up...

Linux Distros Unpatched Vulnerability : CVE-2022-28658

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing CVE-2022-28658 Note that Nessus relies on the presence of...

Linux Distros Unpatched Vulnerability : CVE-2019-15239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, a certain net/ipv4/tcpoutput.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm...