CVE-2026-31503

CVE-2026-31503 concerns a Linux kernel UDP hash2-based wildcard-bind conflict check that can miss an in-use port when many sockets bind to the same port. The issue arises because UDP uses two hashes (hash and hash2) for collision detection and switches to hash2 only when hslot->count > 10, ...

CVE-2026-31504 net: fix fanout UAF in packet_release() via NETDEV_UP race

In the Linux kernel, the following vulnerability has been resolved: net: fix fanout UAF in packetrelease via NETDEVUP race packetrelease has a race window where NETDEVUP can re-register a socket into a fanout group's arr array. The re-registration is not cleaned up by fanoutrelease, leaving a...

CVE-2026-31503 udp: Fix wildcard bind conflict check when using hash2

In the Linux kernel, the following vulnerability has been resolved: udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2 for collision detection. The current code switches to "hash2" when...

CVE-2026-31479 drm/xe: always keep track of remap prev/next

In the Linux kernel, the following vulnerability has been resolved: drm/xe: always keep track of remap prev/next During 3D workload, user is reporting hitting: 413.361679 WARNING: drivers/gpu/drm/xe/xevm.c:1217 at vmbindioctlopsunwind+0x1e2/0x2e0 xe, CPU7: vkd3dqueue/9925 413.361944 CPU: 7 UID:...

Linux Distros Unpatched Vulnerability : CVE-2026-31479

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/xe: always keep track of remap prev/next During 3D workload, user is reporting hitting: 413.361679 WARNING: drivers/gpu/drm/xe/xevm.c:1217 at...

PT-2026-34445

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

PT-2026-34409

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the packet release function where a NETDEV UP event can re-register a socket into a fanout group's arr array. Because packet release does not zero the po-num...

SUSE SLES16 Security Update : bind (SUSE-SU-2026:21204-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21204-1 advisory. - Update to release 9.20.21 - CVE-2026-1519: maliciously crafted DNSSEC-validated zone can lead to denial of service bsc1260805. -...

Linux Distros Unpatched Vulnerability : CVE-2026-31503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - udp: Fix wildcard bind conflict check when using hash2 When binding a udpsock to a local address and port, UDP uses two hashes udptable-hash and udptable-hash2...

PT-2026-34408

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A conflict check failure occurs when binding a udp sock to a local address and port. The system utilizes two hashes, udptable-hash and udptable-hash2, for collision detection. When the...

PowerDNS Authoritative Server 代码注入漏洞

The PowerDNS Authoritative Server is a DNS server developed by the Dutch company PowerDNS. There is a code injection vulnerability in the PowerDNS Authoritative Server. This vulnerability allows attackers to send notification requests, resulting in new auxiliary domains being added to the bind...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011394)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011394 advisory. In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmissi...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-012952)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-012952 advisory. In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be...

MiracleLinux 9 : bind9.18-9.18.29-5.el9_7.4 (AXSA:2026-454:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-454:01 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from...

bind security update

An update is available for bind. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Berkeley Internet Name Domain BIND is an implementation of the Domain Name...

RockyLinux 8 : bind (RLSA-2026:8352)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:8352 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from the...

Security update for bind

This update for bind fixes the following issues: CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

SUSE-SU-2026:1428-1 Security update for bind

This update for bind fixes the following issues: - CVE-2026-1519: high CPU load during insecure delegation validation due to excessive NSEC3 iterations bsc1260805...

MiracleLinux 9 : bind-9.16.23-34.el9_7.2 (AXSA:2026-440:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-440:01 advisory. bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone CVE-2026-1519 Tenable has extracted the preceding description block directly from...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007454)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007454 advisory. In the Linux kernel, the following vulnerability has been resolved: net: sched: clsu32: Undo tcfbindfilter if u32replacehwknode When u32replacehwknode fails, we need...