Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, caused by the lack of resetting of the nexteventforced flag in clockevents, which may lead to the loss of timer...

PT-2026-34926

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw in the clockevents prevention mechanism against timer interrupt starvation occurs because the next event forced flag is not reset in certain scenarios. This failure happens when t...

SUSE-SU-2026:1575-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. - CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. - CVE-2026-23243: RDMA/umad:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. CVE-2026-23243: RDMA/umad: Reject...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2025-68818: scsi: Revert "scsi: qla2xxx: Perform lockless command completion in abort path"...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. CVE-2026-23243: RDMA/umad: Reject negative...

SUSE-SU-2026:1563-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. - CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. - CVE-2026-23243: RDMA/umad: Reject...

CVE-2026-31499

A flaw was found in the Linux kernel's Bluetooth L2CAP component. A deadlock can occur in the l2capconndel function when canceling delayed work, specifically infotimer and idaddrtimer. This happens because l2capconndel holds a lock while attempting to cancel work functions that also acquire the...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

freerdp: FreeRDP has a heap-use-after-free in video_timer

A use after free flaw has been discovered in FreeRDP. The videotimer can send client notifications after the control channel is closed, dereferencing a freed callback and triggering a use after free. A malicious server can trigger a client‑side heap use after free causing a crash DoS...

CVE-2026-26399

A stack-use-after-return issue exists in the ArduinoCoreSTM32 library prior to version 1.7.0. The pwmstart function allocates a TIMHandleTypeDef structure on the stack and passes its address to HAL initialization routines, where it is stored in a global timer handle registry. After the function...

Unity Linux 20.1050e / 20.1060e Security Update: kernel (UTSA-2026-013399)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013399 advisory. In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in timerdeletesync There are two paths to access mptcppmdeladdtimer, result in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013682)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013682 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-timers: Ensure timer ID search-loop limit is valid posixtimeradd tries to allocate a posix...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013768)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013768 advisory. In the Linux kernel, the following vulnerability has been resolved: net/sched: fqpie: avoid stalls in fqpietimer When setting a high number of flows limit being 6553...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013771)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013771 advisory. In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttctimerprobe Smatch reports:...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013647 advisory. In the Linux kernel, the following vulnerability has been resolved: dm thin: Fix UAF in runtimersoftirq When dmresume and dmdestroy are concurrent, it will lead to...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013550)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013550 advisory. In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013475)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013475 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper Th...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011209 advisory. In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix use-after-free bugs caused by orphan timer in probe The state-timer is ...