EulerOS Virtualization 2.10.1 : net-snmp (EulerOS-SA-2026-1541)

According to the versions of the net-snmp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : net-snmp is a SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to an...

SUSE-SU-2026:20720-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm...

SUSE-SU-2026:20667-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm...

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

Advanced Python Payload Encryption Framework with Hybrid Cryptography Steganography and Anti‑Debugging

This Python program implements an advanced payload protection framework that combines multiple security and obfuscation techniques to encrypt, package, and distribute Python code. The framework supports hybrid encryption, multi‑key protection, anti‑debugging checks, and optional steganographic...

EUVD-2025-208533

In hypalloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-36920

In hypalloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CLSA-2026-1773139548 kernel: Fix of 78 CVEs

fix: fbdev: fix potential buffer overflow in doregisterframebuffer - qed: Don't collect too many protection override GRC elements CVE-2025-39949 - drm/amd/display: Avoid a NULL pointer dereference CVE-2025-39693 - pNFS: Fix uninited ptr deref in block/scsi layout CVE-2025-38691 - netfilter:...

PT-2026-24435

Name of the Vulnerable Software and Affected Versions KVM versions affected versions not specified Description An out-of-bounds write issue exists in the hyp alloc function within arch/arm64/kvm/hyp/nvhe/alloc.c. This is due to insufficient input validation. Successful exploitation could lead to...

Unbreakable Enterprise kernel security update

6.12.0-109.67.6 - net: tunnel: make skbvlaninetprepare return drop reasons Menglong Dong Orabug: 39027305 6.12.0-109.67.5 - uek-rpm: fixed specs to explicitly call python3 as set as a requirement Mark Nicholson Orabug: 38933158 - Revert 'net/rds: fix crash by expanding kref coverage to...

kernel: x86/tdx: Fix "in-kernel MMIO" check

A flaw was found in the Linux kernel. Userspace can deceive the kernel into performing MMIO Memory-Mapped IO operations in TDX Trust Domain Extensions on its behalf, allowing a VE Virtualization Exception to be incorrectly handled as a in-kernel MMIO operation...

CLSA-2026-1773047152 kernel: Fix of 21 CVEs

i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...

CLSA-2026-1773045484 kernel: Fix of 28 CVEs

fix: dm: fix dmblkreportzones CVE-2025-38141 - ice: Fix a null pointer dereference in icecopyandinitpkg CVE-2025-38664 - qed: Don't collect too many protection override GRC elements CVE-2025-39949 - drm/amd/display: Avoid a NULL pointer dereference CVE-2025-39693 - iommu/amd/pgtbl: Fix possible...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-10.0.1.8)

The version of AHV installed on the remote host is prior to AHV-10.0.1.8. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-10.0.1.8 advisory. - In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended,...

K000160227: Linux kernel vulnerability CVE-2025-37849

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Tear down vGIC on failed vCPU creation If kvmarchvcpucreate fails to share the vCPU page with the hypervisor, we propagate the error back to the ioctl but leave the vGIC vCPU data...

CVE-2024-47886

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

Linux Distros Unpatched Vulnerability : CVE-2025-29939

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in secure encrypted virtualization SEV could allow a privileged attacker to write to the reverse map page RMP during secure nested pagin...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005446)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005446 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guestirq is coming from KVMIRQFD API call, it m...

CVE-2026-0029

In pkvminitvm of pkvm.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2026-0029

CVE-2026-0029 involves memory corruption in __pkvm_init_vm (pkvm.c) of the kernel, caused by a logic error, enabling local privilege escalation with no user interaction required. The initial description provides no exploitation details, no patch/version info, and no remediation steps. Connected d...