Astra Linux - уязвимость в linux-5.10, linux-5.15

The Linux kernel allows user-space processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL, which disables the speculation feature, as well as through the use of seccomp. We noticed that on virtual machines of at least one major cloud provider, the kernel still left the victim...

SUSE CVE-2026-43280

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on patindex to prevent OOB kernel read in madvise When user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access without validating bounds...

CVE-2026-43280 drm/xe: Add bounds check on pat_index to prevent OOB kernel read in madvise

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add bounds check on patindex to prevent OOB kernel read in madvise When user provides a bogus patindex value through the madvise IOCTL, the xepatindexgetcohmode function performs an array access without validating bounds...

CVE-2026-43280

CVE-2026-43280 is a Linux kernel vulnerability in the drm/xe module where a malicious user can supply a malformed pat_index via the madvise IOCTL, triggering an out-of-bounds read from xe->pat.table due to missing bounds checking in xe_pat_index_get_coh_mode() (validated only by a call in madv...

CVE-2026-31781

In the Linux kernel, the following vulnerability has been resolved: drm/ioc32: stop speculation on the drmcompatioctl path The drm compat ioctl path takes a user controlled pointer, and then dereferences it into a table of function pointers, the signature method of spectre problems. Fix this up b...

CVE-2026-31781

CVE-2026-31781 concerns the Linux kernel drm/ioc32 compat ioctl path, where a user-controlled pointer was used to index a table of function pointers (spectre-like pattern). The issue is mitigated by applying array_index_nospec on the index to the function-pointer list, as described in the fix. Co...

MiracleLinux 8 : kernel-4.18.0-147.8.1.el8 (AXSA:2020-750:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-750:12 advisory. kernel: powerpc: local user can read vector registers of other users' processes via a Facility Unavailable exception CVE-2019-15030 kernel: powerpc:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004365)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004365 advisory. The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by usi...

MiracleLinux 7 : kernel-3.10.0-1062.el7 (AXSA:2019-4338:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4338:05 advisory. Kernel: vhostnet: infinite loop while receiving packets leads to DoS CVE-2019-3900 Kernel: page cache side channel attacks CVE-2019-5489 kernel:...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001742)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001742 advisory. The Linux kernel allows userspace processes to enable mitigations by calling prctl with PRSETSPECULATIONCTRL which disables the speculation feature as well as by usi...

EUVD-2020-19695

Malware in sbrugna...

CLSA-2025-1756482270 kernel: Fix of CVE-2024-2201

spec: up spec/misc to 1160.136.1, spectre mitigation is off by default - hugetlb, mempolicy: fix the mbind hugetlb migration - net: atm: fix use after free in lecsend - net: atlantic: fix aqvec index out of range error - block: initialize flush request via blkmqrqctxinit - ALSA: usb-audio: Fix a...

Important: kernel

Issue Overview: A flaw was found in the Linux kernel's Layer 2 Tunneling Protocol L2TP. A missing lock when clearing skuserdata can lead to a race condition and NULL pointer dereference. A local user could use this flaw to potentially crash the system causing a denial of service. CVE-2022-4129 In...

DEBIAN-CVE-2023-53024

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation To mitigate Spectre v4, 2039f26f3aca "bpf: Fix leakage due to insufficient speculative store bypass mitigation" inserts lfence instructions after 1...

CVE-2023-53024

The CVE-2023-53024 entry concerns the Linux kernel BPF subsystem. Root cause: speculative store bypass (SSB) can cause a stack slot initially containing a pointer to be overwritten by a scalar without a subsequent lfence, enabling a potential speculative-pointer‑as‑scalar leak. The mitigation add...

Linux Distros Unpatched Vulnerability : CVE-2020-27170

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out- of-bounds speculation on pointer arithmetic, leading ...

Virtuozzo Hybrid Infrastructure 6.2 (6.2.0-136)

In this release, Virtuozzo Hybrid Infrastructure provides a range of new features that cover the compute service, high availability of the management node, object storage management, networking, and monitoring. Additionally, this release delivers stability improvements and addresses issues found ...

DEBIAN-CVE-2021-46908

In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypassspecv1 flag instead of...

CVE-2021-46908

In the Linux kernel, the following vulnerability has been resolved: bpf: Use correct permission flag for mixed signed bounds arithmetic We forbid adding unknown scalars with mixed signed bounds due to the spectre v1 masking mitigation. Hence this also needs bypassspecv1 flag instead of...

USN-6548-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-xilinx-zynqmp vulnerabilities

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. CVE-2023-3006 It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors i...