PT-2026-5537

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-last fence. This pointer holds an extra dma fence reference. When the queue is destroyed, we fr...

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1123)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : cifs: Fix UAF in cifsdemultiplexthreadCVE-2023-52572 net: fix data-races around sk-skforwardallocCVE-2024-53124 quota: flush...

Linux Distros Unpatched Vulnerability : CVE-2026-23034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-lastfence. This pointer...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 7 : kernel (RHSA-2026:1581)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1581 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: e1000e: fix heap overflow in...

kernel: RDMA/rxe: Fix incomplete state save in rxe_requester

An incorrect state restoration flaw was found in the Linux kernel's RDMA rxe soft-RoCE driver in the requester packet transmission logic. A local user with access to RDMA devices can trigger this issue when network layer packet drops occur during RDMA send operations, causing the work queue eleme...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

kernel: i40e: fix idx validation in config queues msg

A flaw was found in the Linux kernel in the Intel i40e network driver such that in the function i40evcconfigqueuesmsg, when iterating over vf-chidx, the idx value is not properly validated against the range of active/initialized traffic classes TCs. An attacker with local privileges could supply ...

RHEL 9 : kernel (RHSA-2026:1494)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1494 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: mac80211: fix potential double...

RHEL 9 : kernel-rt (RHSA-2026:1443)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1443 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

CVE-2026-22264 Suricata detect/alert: heap-use-after-free on alert queue expansion

Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...

CVE-2026-22264

CVE-2026-22264 affects Suricata (network IDS/IPS/NSM engine). The issue is caused by an unsigned integer overflow that can trigger a heap use-after-free during generation of excessive alerts for a single packet. Affected releases are prior to versions 8.0.3 and 7.0.14 ; those versions contain the...

CVE-2026-22264 Suricata detect/alert: heap-use-after-free on alert queue expansion

Suricata is a network IDS, IPS and NSM engine. Prior to version 8.0.3 and 7.0.14, an unsigned integer overflow can lead to a heap use-after-free condition when generating excessive amounts of alerts for a single packet. Versions 8.0.3 and 7.0.14 contain a patch. As a workaround, do not run...

CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

UBUNTU-CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

EUVD-2026-4841

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

CVE-2026-21720

Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005004)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005004 advisory. In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005067)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005067 advisory. In the Linux kernel, the following vulnerability has been resolved: phonet/pep: fix racy skbqueueempty use The receive queues are protected by their respective...