EUVD-2026-27669

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchpipcgetclusteraggrirq The clustercfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previously, thi...

CVE-2026-43274

Summary (validated by connected docs): In the Linux kernel, the mailbox subsystem (mchp-ipc-sbi) had an out-of-bounds access in mchp_ipc_get_cluster_aggr_irq() caused by indexing the dynamically allocated cluster_cfg array with hartid (potentially non-contiguous/ out of range). The fix switches t...

PT-2026-37614

In the Linux kernel, the following vulnerability has been resolved: mailbox: mchp-ipc-sbi: fix out-of-bounds access in mchp ipc get cluster aggr irq The cluster cfg array is dynamically allocated to hold per-CPU configuration structures, with its size based on the number of online CPUs. Previousl...

CVE-2026-31697

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if the firmware command failed. If the failure was due to an invalid...

denuOwO-hypervisor-vulnerabilities

DenuOwO SVM/VMX Hypervisor — 6 Vulnerabilities PoC + Analysis...

SUSE CVE-2026-31558

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Make kvmgetvcpubycpuid more robust kvmgetvcpubycpuid takes a cpuid parameter whose type is int, so cpuid can be negative. Let kvmgetvcpubycpuid return NULL for this case so as to make it more robust. This fix an...

CVE-2026-31569

The CVE-2026-31569 issue affects the Linux kernel’s LoongArch KVM path, where EIOINTC's coremap can be empty in eiointc_update_sw_coremap(), causing an out-of-bounds access to kvm_arch::phyid_map::phys_map[]. The described impact is system instability or a crash, with potential information disclo...

EUVD-2026-25462

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointcupdateswcoremap can be empty, currently we get a cpuid with -1 in this case, but we actually need 0 because it's similar as the case that...

CVE-2026-31558

The CVE-2026-31558 issue affects the Linux kernel LoongArch KVM component. The vulnerable code is kvm_get_vcpu_by_cpuid(), which accepts a cpuid as int; if cpuid is negative, the function could access kvm_arch::phyid_map::phys_map[] out of bounds. The documented fix makes kvm_get_vcpu_by_cpuid() ...

PT-2026-34910

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Make kvm get vcpu by cpuid more robust kvm get vcpu by cpuid takes a cpuid parameter whose type is int, so cpuid can be negative. Let kvm get vcpu by cpuid return NULL for this case so as to make it more robust...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993097)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993097 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and...

CVE-2023-53793

In the Linux kernel, the following vulnerability has been resolved: perf tool x86: Fix perfenv memory leak Found by leak sanitizer: ==1632594==ERROR: LeakSanitizer: detected memory leaks Direct leak of 21 bytes in 1 objects allocated from: 0 0x7f2953a7077b in interceptorstrdup...

CVE-2023-53793 perf tool x86: Fix perf_env memory leak

In the Linux kernel, the following vulnerability has been resolved: perf tool x86: Fix perfenv memory leak Found by leak sanitizer: ==1632594==ERROR: LeakSanitizer: detected memory leaks Direct leak of 21 bytes in 1 objects allocated from: 0 0x7f2953a7077b in interceptorstrdup...

EUVD-2022-55482

Malicious code in bioql PyPI...

DEBIAN-CVE-2022-50296

In the Linux kernel, the following vulnerability has been resolved: UM: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS is selected, cpumaxbitswarn generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using...

DEBIAN-CVE-2022-50210

In the Linux kernel, the following vulnerability has been resolved: MIPS: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS is selected, cpumaxbitswarn generates a runtime warning similar as below while we show /proc/cpuinfo. Fix this by using...

CLSA-2025-1747738545 Update of microcode_ctl

Update Intel CPU microcode to 20250211: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c0003e0; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000620; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

CLSA-2025-1747725530 Update of microcode_ctl

Update Intel CPU microcode to 20250211: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c0003e0; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000620; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

OESA-2025-1032 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: sh: cpuinfo: Fix a warning for CONFIGCPUMASKOFFSTACK When CONFIGCPUMASKOFFSTACK and CONFIGDEBUGPERCPUMAPS are selected, cpumaxbitswarn generates a runtime warnin...

DEBIAN-CVE-2024-53135

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Bury Intel PT virtualization guest/host mode behind CONFIGBROKEN Hide KVM's ptmode module param behind CONFIGBROKEN, i.e. disable support for virtualizing Intel PT via guest/host mode unless BROKEN=y. There are myriad...