CVE-2026-53201

CVE-2026-53201 in the Linux kernel was resolved by reverting a performance optimization that skipped suspend scheduling in LR/preempt-fence VM mode. The idle-skip optimization could bypass the GuC suspend, preventing the context switch that flushes TLB entries for invalidated userptr VMAs, potent...

EUVD-2026-39156

sys/kern/sysvsem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in syssemget...

CVE-2026-23553

In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CPU A, running task ...

x86: incomplete IBPB for vCPU isolation

ISSUE DESCRIPTION In the context switch logic Xen attempts to skip an IBPB in the case of a vCPU returning to a CPU on which it was the previous vCPU to run. While safe for Xen's isolation between vCPUs, this prevents the guest kernel correctly isolating between tasks. Consider: 1 vCPU runs on CP...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004240 advisory. A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disab...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003908)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003908 advisory. A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disab...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000608)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000608 advisory. The switchto function in arch/x86/kernel/process64.c in the Linux kernel does not properly context- switch IOPL on 64-bit PV Xen guests, which allows local guest OS...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001364)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001364 advisory. The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002610)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002610 advisory. The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003204)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003204 advisory. The spectrev2selectmitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it...

CVE-2025-71078

A Segment Lookaside Buffer SLB multi-hit error vulnerability was found in the Linux kernel's PowerPC 64-bit hash MMU implementation. When a process migrates between CPUs without triggering switchmmucontext because prev and next mmstruct are the same, the hardware SLB and software preload cache ca...

CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

CVE-2025-71078

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s/slb: Fix SLB multihit issue during SLB preload On systems using the hash MMU, there is a software SLB preload cache that mirrors the entries loaded into the hardware SLB buffer. This preload cache is subject to period...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000498)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000498 advisory. A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD. A bug in the logic handling allows an attacker with a local account to disab...

PT-2025-53069

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the rtw88 wifi driver related to rate updates. The ieee80211 ops::sta rc update function must be atomic to prevent a context switch within an RCU...

kernel: x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

kernel: x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

kernel: x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

SUSE-SU-2025:03505-1 Security update for redis

This update for redis fixes the following issues: - CVE-2025-49844: Malicious Lua scripts may lead to remote code execution. bsc1250995 - CVE-2025-46817: Malicious Lua scripts may lead to integer overflow and potential remote code execution. bsc1250995 - CVE-2025-46818: Malicious Lua scripts can ...

EUVD-2018-7446

Malware in sbrugna...