Linux Distros Unpatched Vulnerability : CVE-2026-43148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - powerpc/smp: Add check for kcalloc failure in parsethreadgroups As kcalloc may fail, check its return value to avoid a NULL pointer dereference when passing it ...

Azure Linux 3.0 Security Update: kernel (CVE-2025-21866)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21866 advisory. - In the Linux kernel, the following vulnerability has been resolved: powerpc/code-patching: Fix KASAN hit by...

MiracleLinux 8 : kernel-4.18.0-147.8.1.el8 (AXSA:2020-750:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-750:12 advisory. kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception CVE-2019-15030 kernel: powerpc:...

MiracleLinux 8 : kernel-4.18.0-553.16.1.el8_10 (AXSA:2024-8704:25)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8704:25 advisory. kernel: powerpc: Fix access beyond end of drmem array CVE-2023-52451 kernel: efivarfs: force RO when remounting if SetVariable is not supported...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004241)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004241 advisory. An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idlebook3s.S does not have save/restore functionality for...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002353)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002353 advisory. The tmreclaimthread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists befor...

CVE-2023-54042 powerpc/64s: Fix VAS mm use after free

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Fix VAS mm use after free The refcount on mm is dropped before the coprocessor is detached...

EUVD-2022-54875

Malicious code in bioql PyPI...

The vulnerability of the do_uaccessFlush_fixups() function in the arch/powerpc/lib/feature-fixups.c module, which is part of the PowerPC platform support for the Linux operating system, allows a hacker to trigger a service failure.

The vulnerability of the douaccessFlushfixups function in the arch/powerpc/lib/feature-fixups.c module of the PowerPC platform support for the Linux operating system is related to incorrect input validation. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2022-49067

In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way pa works we have: pa0x8000000000000000 == 0, and therefore virttopfn0x8000000000000000 == ...

CVE-2022-49666

In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add addpages override for PPC With commit ffa0b64e3be5 "powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit" the kernel now validate the addr against highmemory value. This results in the below BUGON with da...

CVE-2022-49666 powerpc/memhotplug: Add add_pages override for PPC

In the Linux kernel, the following vulnerability has been resolved: powerpc/memhotplug: Add addpages override for PPC With commit ffa0b64e3be5 "powerpc: Fix virtaddrvalid for 64-bit Book3E & 32-bit" the kernel now validate the addr against highmemory value. This results in the below BUGON with da...

CVE-2022-49623 powerpc/xive/spapr: correct bitmap allocation size

In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct bitmap allocation size kasan detects access beyond the end of the xibm-bitmap allocation: BUG: KASAN: slab-out-of-bounds in findfirstzerobit+0x40/0x140 Read of size 8 at addr c00000001d1d0118 by task...

CVE-2022-49164 powerpc/tm: Fix more userspace r13 corruption

In the Linux kernel, the following vulnerability has been resolved: powerpc/tm: Fix more userspace r13 corruption Commit cf13435b730a "powerpc/tm: Fix userspace r13 corruption" fixes a problem in treclaim where a SLB miss can occur on the threadstruct-ckptregs while SCRATCH0 is live with the save...

CVE-2022-49067

CVE-2022-49067 is about a Linux kernel issue where virt_addr_valid() incorrectly returned true for vmalloc addresses in 64-bit Book3E (and related 32-bit behavior). Investigations across multiple advisories (NVD, Red Hat, Debian OSV, Unity/NASL/Nessus plugins) describe the root cause: __pa() can ...

The vulnerability of the powerpc/64s/interrupt components in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the powerpc/64s/interrupt components in the Linux operating system’s kernel is related to errors in resource management in the exitmustharddisable function. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2023-52499 powerpc/47x: Fix 47x syscall return crash

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...

The vulnerability in the implementation of the source code file arch/powerpc/kvm/book3s_hv_rmhandlers.S of Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability in the implementation of the source code file arch/powerpc/kvm/book3shvrmhandlers.S of Linux operating systems is related to the lack of checks for returned data during the processing of SRR1 values. Exploiting this vulnerability can allow an attacker to cause service failures...

CVE-2019-18660

The Linux kernel before 5.4.1 on powerpc allows Information Exposure because the Spectre-RSB mitigation is not in place for all applicable CPUs, aka CID-39e72bf96f58. This is related to arch/powerpc/kernel/entry64.S and arch/powerpc/kernel/security.c...