Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste...

kernel: scsi: lpfc: Fix buffer free/clear order in deferred receive path

A use-after-free vulnerability exists in the linux kernel such that the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the context pointer under the lock...

RHEL 10 : kernel (RHSA-2025:21118)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21118 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: dochangetype: refuse to...

kernel: tcp: drop secpath at the same time as we currently drop dst

In the Linux kernel, the following vulnerability has been resolved: tcp: drop secpath at the same time as we currently drop dst Xiumei reported hitting the WARN in xfrm6tunnelnetexit while running tests that boil down to: - create a pair of netns - run a basic TCP test over ipcomp6 - delete the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990434)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990434 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transactio...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990153)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990153 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvlplaydeferred Similar to the handling of playdeferred in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989068)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989068 advisory. In the Linux kernel, the following vulnerability has been resolved: nfc: nfcmrvl: Fix memory leak in nfcmrvlplaydeferred Similar to the handling of playdeferred in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989995)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989995 advisory. In the Linux kernel, the following vulnerability has been resolved: driver core: Fix waitfordeviceprobe & deferredprobetimeout interaction Mounting NFS rootfs was...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989236)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989236 advisory. In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svcdeferredevent trace class Fix a NULL deref crash that occurs when an svcrqst i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988728)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988728 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transactio...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerabilities have been resolved: drm/fbdev-dma: Added shadow buffering for deferred I/O. DMA areas are not necessarily backed by struct page, so we cannot rely on it for deferred I/O. Allocate a shadow buffer for drivers that require deferred I/O and use it a...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Don't call mmput from MMU notifier callback If the process is exiting, the mmput inside mmu notifier callback from compactd or fork or numa balancing could release the last reference of mm struct to call exitmmap and...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fixed the buffer release/clearing order in the deferred receive path. A use-after-free condition was addressed by correcting the buffer release sequence in the deferred receive path. The code first released the RQ...

kernel: scsi: lpfc: Fix buffer free/clear order in deferred receive path

A use-after-free vulnerability exists in the linux kernel such that the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the context pointer under the lock...

kernel: scsi: lpfc: Fix buffer free/clear order in deferred receive path

A use-after-free vulnerability exists in the linux kernel such that the buffer release sequence in the deferred receive path. The code freed the RQ buffer first and only then cleared the context pointer under the lock...

CVE-2025-12198

Last updated 29 October 2025 Notes mdeslaur This issue requires replacing the root-owned configuration file. See https://www.openwall.com/lists/oss-security/2025/10/27/1 This CVE is likely to be rejected. Marking as deferred for now...

CVE-2025-12199

Last updated 29 October 2025 Notes mdeslaur This issue requires replacing the root-owned configuration file. See https://www.openwall.com/lists/oss-security/2025/10/27/1 This CVE is likely to be rejected. Marking as deferred for now...

CVE-2025-12200

Last updated 29 October 2025 Notes mdeslaur This issue requires replacing the root-owned configuration file. See https://www.openwall.com/lists/oss-security/2025/10/27/1 This CVE is likely to be rejected. Marking as deferred for now...

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: L2CAP: fix "bad unlock balance" in l2capdisconnectrsp CVE-2023-53297 kernel: efivarfs: Fix slab-out-of-bounds in...

Linux Distros Unpatched Vulnerability : CVE-2025-40018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ipvs: Defer ipvsftp unregister during netns cleanup On the netns cleanup path, ipvsftpexit may unregister ipvsftp before connections with valid cp-app pointers...