Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 10 : kernel (RHSA-2026:1236)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1236 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mm/compaction: fix UBSAN...

RHEL 9 : kernel (RHSA-2026:1194)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1194 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ntbhwswitchtec: Fix...

ROS-20260126-73-0062

A vulnerability in the openvswitch component of the Linux operating system kernel is related to insufficient input validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

SUSE SLES15 / openSUSE 15 Security Update : openvswitch (SUSE-SU-2026:0280-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0280-1 advisory. Update to v3.1.7: - CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload...

Security update for openvswitch

This update for openvswitch fixes the following issues: Update to v3.1.7: CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload bsc1219465. CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service bsc1255435...

SUSE-SU-2026:0280-1 Security update for openvswitch

This update for openvswitch fixes the following issues: Update to v3.1.7: - CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload bsc1219465. - CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21681)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21681 advisory. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix lockup on tx to...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37998)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37998 advisory. - In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsin...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37789)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37789 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38146)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38146 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix the dead loop of...

CLSA-2026-1768663754 kernel: Fix of 38 CVEs

ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 CVE-2025-38249 - drm/i915/gt: Fix timeline left held on VMA alloc error CVE-2025-38389 - md/raid1: Fix stack memory use after return in raid1reshape CVE-2025-38445 - atm: clip: Fix infinite recursive call of clippush...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-49110: netfilter: conntrack: revisit gc autotuning bsc1237981. CVE-2022-49139: Bluetooth: fix null ptr deref on hcisyncconncompleteevt bsc1238032...

net: openvswitch: fix middle attribute validation in push_nsh() action

...

SUSE CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

CVE-2025-68785 net: openvswitch: fix middle attribute validation in push_nsh() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

CVE-2025-68785

CVE-2025-68785 concerns a Linux kernel openvswitch vulnerability in the push_nsh() action. The root cause is missing validation of the middle NSH attribute (not guaranteed to be OVS_KEY_ATTR_NSH) inside the action nesting, allowing unsafe access during validation and nested nla processing. The ci...

CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...