Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: Use kernelread for the sleepable context. A bug has been prevented: “BUG: Unable to handle a NULL pointer dereferencing in filemapreadfolio.” For the sleepable context, change freader to use kernelread instead of...

Astra Linux – Vulnerability in Heimdal

The fix for CVE-2022-3437 involved changing the memcmp function to run in constant time, as well as providing a workaround for a compiler bug by adding comparisons of the result with the value “!= 0” to the memcmp function. When these patches were backported to the heimdal-7.7.1 and heimdal-7.8.0...

Debian dla-4628 : linux-base - security update

The remote Debian 12 host has a package installed that is affected by a vulnerability as referenced in the dla-4628 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4628-1 [email protected] https://www.debian.org/lts/security/ B...

[SECURITY] [DLA 4628-1] linux-base update

Debian LTS Advisory DLA-4628-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings June 12, 2026 https://wiki.debian.org/LTS Package : linux-base Version : 4.12.1deb12u1 The linux-base package has been updated to support installation of a backport of Linux 6.12. For...

[SECURITY] [DLA 4627-1] kernel-wedge update

Debian LTS Advisory DLA-4627-1 [email protected] https://www.debian.org/lts/security/ Ben Hutchings June 12, 2026 https://wiki.debian.org/LTS Package : kernel-wedge Version : 2.106deb12u1 The kernel-wedge package has been updated to support building a backport of Linux 6.12. For Debian ...

SUSE-SU-2026:2327-1 Security update for go1.26

This update for go1.26 fixes the following issues Update to go1.26.4 bsc1255111: - CVE-2026-27145: crypto/x509: split candidate hostname only once bsc1267450. - CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader bsc1267442. - CVE-2026-42507: net/textproto: arbitrary input are...

SUSE CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

UBUNTU-CVE-2026-46289

In the Linux kernel, the following vulnerability has been resolved: lib/scatterlist: fix length calculations in extractkvectosg Patch series "Fix bugs in extractitertosg", v3. Fix bugs in the kvec and user variants of extractitertosg. This series is growing due to useful remarks made by...

UBUNTU-CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

CVE-2026-46282

CVE-2026-46282 affects the Linux kernel IIO: frequency driver for admv1013. The root cause was a NULL/garbage pointer dereference when device_property_read_string() fails, leading to a dereference in strcmp. The fix consolidates the SE mode enums into a single sequential enum and replaces the man...

CVE-2026-46282 iio: frequency: admv1013: fix NULL pointer dereference on str

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

CVE-2026-46282

In the Linux kernel, the following vulnerability has been resolved: iio: frequency: admv1013: fix NULL pointer dereference on str When devicepropertyreadstring fails, str is left uninitialized but the code falls through to strcmpstr, ..., dereferencing a garbage pointer. Replace manual read/strcm...

PT-2026-47354

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A NULL pointer dereference occurs in the admv1013 driver within the iio: frequency component. When the device property read string function fails, the str variable remains uninitialized...

Fedora 44 : python-starlette (2026-3bce8d3f11)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-3bce8d3f11 advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : python-starlette (2026-e0f378428e)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-e0f378428e advisory. Backport fix for CVE-2026-48710 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 43 : rubygem-yard (2026-2d0a32ddc0)

The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-2d0a32ddc0 advisory. Backport 0.9.41 / 0.9.44 fixes for possible path traversal issues Tenable has extracted the preceding description block directly from the Fedora security...

Fedora 44 : haveged (2026-12643837bd)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-12643837bd advisory. Backport fix for CVE-2026-41054: privilege escalation via command socket Tenable has extracted the preceding description block directly from the Fedora...

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...