356 matches found
CVE-2026-23395
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
CVE-2026-23395 Bluetooth: L2CAP: Fix accepting multiple L2CAP_ECRED_CONN_REQ
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix accepting multiple L2CAPECREDCONNREQ Currently the code attempts to accept requests regardless of the command identifier which may cause multiple requests to be marked as pending FLAGDEFERSETUP which can cau...
Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255163. CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in...
SUSE-SU-2026:0961-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255163. - CVE-2023-53827: Bluetooth: L2CAP: Fix use-after-free in...
CLSA-2026-1773048865 kernel: Fix of 53 CVEs
xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...
Oracle Linux 7 : kernel (ELSA-2026-1581)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1581 advisory. - e1000e: fix heap overflow in e1000seteeprom CVE-2025-39898 Orabug: 38904071 - i40e: fix idx validation in config queues msg CVE-2025-39971 Orabug:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005727)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005727 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Oracle Linux 7 : kernel (ELSA-2026-0755)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0755 advisory. - scsi: ses: Fix possible descptr out-of-bounds accesses CVE-2023-53675 Orabug: 38860426 - ipv6: Fix out-of-bounds access in ipv6findtlv CVE-2023-53705...
CLSA-2026-1771078945 kernel: Fix of 131 CVEs
net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow CVE-2023-53676 - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer CVE-2025-40269 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...
CLSA-2026-1771077729 kernel: Fix of 107 CVEs
net/ieee802154: don't warn zero-sized rawsendmsg CVE-2022-50706 - bpf: Don't redirect packets with invalid pktlen CVE-2022-49975 - media: uvcvideo: Fix 1-byte out-of-bounds read in uvcparseformat CVE-2025-38680 - ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network...
kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service
A flaw was found in the Linux kernel's Common Internet File System CIFS component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a...
kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service
A flaw was found in the Linux kernel's Common Internet File System CIFS component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a...
kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service
A flaw was found in the Linux kernel's Common Internet File System CIFS component. This use-after-free vulnerability occurs due to improper handling of server hostname information during connection re-establishment. An attacker on an adjacent network could exploit this, potentially leading to a...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Check encryption key size on incoming connection This is required for passing GAP/SEC/SEM/BI-04-C PTS test case: Security Mode 4 Level 4, Responder - Invalid Encryption Key Size - 128 bit This tests the security...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: Fixed null-ptr-deref in l2capsockresumecb. syzbot reported null-ptr-deref in l2capsockresumecb. 0 l2capsockresumecb has a similar issue that was fixed in commit 1bff51ea59a9 “Bluetooth: fixed use-after-free errors i...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005148)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005148 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix uaf in l2capconnect Syzbot reported BUG: KASAN: slab-use-after-free in...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005160)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005160 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: handle NULL sock pointer in l2capsockalloc A NULL sock pointer is passed into...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004842)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004842 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2capchanholdunlesszero after calling...
Azure Linux 3.0 Security Update: kernel (CVE-2025-21969)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21969 advisory. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix slab-use-after- fr...