Oracle Linux 7 : kernel (ELSA-2026-3685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3685 advisory. - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug...

CVE-2026-23238

In the Linux kernel, the following vulnerability has been resolved: romfs: check sbsetblocksize return value romfsfillsuper ignores the return value of sbsetblocksize, which can fail if the requested block size is incompatible with the block device's configuration. This can be triggered by settin...

Oracle Linux 10 : kernel (ELSA-2026-2282)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-2282 advisory. - mptcp: Use skdstget and dstdevrcu in mptcpactiveenable. Davide Caratti RHEL-129044 CVE-2025-40133 - vsock/vmci: Clear the vmci transport packet...

UBUNTU-CVE-2025-40265

In the Linux kernel, the following vulnerability has been resolved: vfat: fix missing sbminblocksize return value checks When emulating an nvme device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, but without format, a kernel panic was triggered during the early boot stag...

CVE-2025-40265

CVE-2025-40265 affects the Linux kernel vfat filesystem code. A missing return-value check of sb_min_blocksize() could trigger a kernel panic during NVMe/qemu emulation when mounting a vfat filesystem with 8 KiB logical/physical block sizes and no format. The vulnerability is addressed by the ref...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: iavf: Fix reset error handling CVE-2022-50053 In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobjectput is safe for module type kobjects CVE-2025-37995 In the Linux kernel,...