Linux Distros Unpatched Vulnerability : CVE-2026-43465

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net/mlx5e: RX, Fix XDP multi-buf frag counting for striding RQ XDP multi-buf programs can modify the layout of the XDP buffer when the program calls...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: dma-buf/syncfile: Do not leak fences during merge failures. Each call to addfence performs a dmafenceget operation on the relevant fence. In error-prone scenarios, we did not call dmafenceput, resulting in all those fences bei...

Astra Linux – Vulnerability in SOX

A vulnerability was discovered in SoX, where a heap buffer overflow occurs in the lsxreadwbuf function in the formatsi.c file. This vulnerability can be exploited by using a specially crafted file, which may cause the application to crash...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Added outer runtime PM protection to xelivektest@xedmabuf. Any process using the kunit interface that performs memory accesses should receive its own outer runtime PM protection, since it does not use the standard driver...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fixed a double-free in the dma-buf feature. The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport. Instead, it proceeds through the entire unwind chain. In the...

Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2025-38449, CVE-2025-22097, CVE-2025-38332, CVE-2025-38352 Vulnerability Details CVEID:CVE-2025-38449 DESCRIPTION: In the Linux kernel, the following vulnerability has been...

SUSE CVE-2026-31468

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport, instead falling through the entire unwind chain. In the unlikely event...

openSUSE 16 Security Update : gnome-remote-desktop (openSUSE-SU-2026:20590-1)

The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20590-1 advisory. Update to version 48.3. Security issues fixed: - CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Other updates and...

CVE-2026-31468

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport, instead falling through the entire unwind chain. In the unlikely event...

CVE-2026-31468 vfio/pci: Fix double free in dma-buf feature

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfiopcicorefeaturedmabuf ignores its own advice to only use dmabufput after dmabufexport, instead falling through the entire unwind chain. In the unlikely event...

CVE-2026-31468

CVE-2026-31468 affects the Linux kernel vfio/pci dma-buf feature. The issue is an error-path handling bug in vfio_pci_core_feature_dma_buf() that can cause an unbalanced refcount and a double free under certain conditions (e.g., file descriptor exhaustion). The documented fix moves the dma_buf_pu...

PT-2026-34373

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Fix double free in dma-buf feature The error path through vfio pci core feature dma buf ignores its own advice to only use dma buf put after dma buf export, instead falling through the entire unwind chain. In the unlike...

OPENSUSE-SU-2026:20590-1 Security update for gnome-remote-desktop

This update for gnome-remote-desktop fixes the following issues: Update to version 48.3. Security issues fixed: - CVE-2025-5024: an unauthenticated attacker can exhaust system resources bsc1244053. Other updates and bugfixes: - Version update to 48.3: + Fix image corruption on some NVIDIA GPUs. -...

CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

CVE-2026-5315

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

ROS-20260323-73-0001

A vulnerability in the smpstoremb function of the dma-buf component of the Linux kernel is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2026-1313)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : scsi: mpt3sas: Fix crash in transport port remove by using iocinfoCVE-2025-40115 scsi: target: Fix WRITESAME No Data Buffer crashCVE-2022-21546...

CVE-2025-15570

A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzmadecompressbuf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a requirement. The exploit has been made public and could be used. The project was informed of the...

GHSA-J39J-6GW9-JW6H git2 has potential undefined behavior when dereferencing Buf struct

If the Buf struct is dereferenced immediately after calling new or default on the Buf struct, a null pointer is passed to the unsafe function slice::fromrawparts. According to the safety section documentation of the function, data must be non-null and aligned even for zero-length slices or slices...

git2 has potential undefined behavior when dereferencing Buf struct

If the Buf struct is dereferenced immediately after calling new or default on the Buf struct, a null pointer is passed to the unsafe function slice::fromrawparts. According to the safety section documentation of the function, data must be non-null and aligned even for zero-length slices or slices...