K000161577: Linux kernel vulnerability CVE-2025-39817

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: efivarfs: fixed error propagation in efivarentryget The efivarentryget function always returns a success value, even if the underlying efivarentryget function fails, thereby masking errors. This may result in uninitialized heap...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Force RO when remounting if SetVariable is not supported If SetVariable at runtime is not supported by the firmware, we never assign a callback for that function. At the same time, we mount efivarfs as RO so that no one...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fixed the memory leak of efivarfsfsinfo in situations where the fscontext is being initialized. When processing mount options, efivarfs allocates efivarfsfsinfo sfi early during the initialization of the fscontext...

Astra Linux - уязвимость в linux-6.1, linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as well: BUG: KASAN: slab-out-of-bounds in memcmp+0x98/0xd0 Call trace: kasancheckrange+0xe8/0x190 asanloadN+0x1c/0x28 memcmp+0x98/0xd0...

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007029)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007029 advisory. In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as...

kernel: Linux kernel: Information disclosure in efivarfs via incorrect error propagation

A flaw was found in the efivarfs component of the Linux kernel. This vulnerability, an information disclosure issue, arises from incorrect error handling in the efivarentryget function. An unprivileged local attacker can exploit this by reading from efivarfs, potentially causing uninitialized...

RHEL 10 : kernel (RHSA-2026:9095)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9095 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Denial of Servi...

SUSE-SU-2026:21255-1 Security update for the Linux Kernel

The SUSE Linux Micro RT 6.0 and 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2024-38542: RDMA/manaib: boundary check before installing cq callbacks bsc1226591. - CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare bsc124999...

SUSE-SU-2026:21123-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-38542: RDMA/manaib: boundary check before installing cq callbacks bsc1226591. - CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006807)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006807 advisory. In the Linux kernel, the following vulnerability has been resolved: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare Observed on kernel 6.6 present on master as...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1487)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1487 advisory. In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs CVE-2025-71225 In the Linux kernel, the following vulnerability has bee...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: md: suspend array while updating raiddisks via sysfs CVE-2025-71225 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix reservation leak in some error paths when inserting inline extent...

Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50453: gpiolib: cdev: fix NULL-pointer dereferences bsc1250887. CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue...

SUSE SLES15 / openSUSE 15 : Security update for the Linux Kernel (SUSE-SU-2026:1041-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1041-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. CVE-2024-38542: RDMA/manaib: boundary check before installing cq callbacks bsc122659...

Oracle Linux 7 : kernel (ELSA-2026-3685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3685 advisory. - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug...

kernel security update

3.10.0-1160.119.1.0.19 - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug: 39036029 - atm: clip: Fix infinite recursive call of clippush. CVE-2025-38459 Orabug: 39036029 - usb: core: config: Preve...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. CVE-2025-39748: bpf: Forget ranges when refining tnum after JSET bsc1249587...

EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1537)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : media: v4l2-mem2mem: add lock to protect parameter numrdyCVE-2023-53519 md: Replace snprintf with scnprintfCVE-2022-50299 mm/vmscan...