Security Bulletin: Vulnerabilities in kernel affects IBM Netezza Appliance

Summary The kernel package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVEs CVE-2023-53373, CVE-2025-38556, CVE-2025-38614, CVE-2025-39757 Vulnerability Details CVEID:CVE-2023-53373 DESCRIPTION: In the Linux kernel, the following vulnerability has been...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006642)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006642 advisory. In the Linux kernel, the following vulnerability has been resolved: list: fix a data-race around ep-rdllist eppoll first calls epeventsavailable with no lock held an...

SUSE CVE-2026-23253

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvbdvropen calls dvbringbufferinit when a new reader opens the DVR device. dvbringbufferinit calls initwaitqueuehead, which reinitializes the waitqueue list head...

CVE-2026-23253

In the Linux kernel, the following vulnerability has been resolved: media: dvb-core: fix wrong reinitialization of ringbuffer on reopen dvbdvropen calls dvbringbufferinit when a new reader opens the DVR device. dvbringbufferinit calls initwaitqueuehead, which reinitializes the waitqueue list head...

CVE-2026-23253

CVE-2026-23253 affects the Linux kernel dvb-core/dvb_dvr_open path where reinitializing the shared dvr_buffer waitqueue via dvb_ringbuffer_init() could leave stale waitqueue entries. The fix uses direct data/size assignment and calls dvb_ringbuffer_reset() instead, avoiding waitqueue/spinlock tou...

NewStart CGSL MAIN 6.06 (SP) : postfix Multiple Vulnerabilities (NS-SA-2026-0024)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has postfix packages installed that are affected by multiple vulnerabilities: - The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods ar...

Siemens SIMATIC S7-1500 Uncontrolled Recursion (CVE-2025-38614)

In the Linux kernel, the following vulnerability has been resolved: eventpoll: Fix semi-unbounded recursion Ensure that epoll instances can never form a graph deeper than EPMAXNESTS+1 links. Currently, eploopcheckproc ensures that the graph is loop-free and does some recursion depth checks, but...

K000159873: Linux kernel vulnerability CVE-2025-39881

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: kernfs: Fix UAF in polling when open file is released A use-after-free UAF vulnerability was identified in the PSI Pressure Stall Information monitoring mechanism: BUG: KASAN: slab-use-after-free in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000659)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000659 advisory. The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local user...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002269)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002269 advisory. The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local user...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001785)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001785 advisory. The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local user...

MiracleLinux 4 : kernel-2.6.32-279.AXS4 (AXSA:2012-749:06)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-749:06 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

MiracleLinux 3 : kernel-2.6.18-308.1.AXS3 (AXSA:2012-487:03)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-487:03 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

Astra Linux - уязвимость в linux-6.12

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000512)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000512 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath While this code is executed with the...

SUSE CVE-2023-54019

In the Linux kernel, the following vulnerability has been resolved: sched/psi: use kernfs polling functions for PSI trigger polling Destroying psi trigger in cgroupfilerelease causes UAF issues when a cgroup is removed from under a polling process. This is happening because cgroup removal causes ...

PT-2025-52976

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free UAF issue exists in the Linux kernel related to PSI Pressure Stall Information trigger polling within cgroups. The issue occurs when destroying a psi trigger during cgro...

9p/trans_fd: p9_fd_request: kick rx thread if EPOLLIN

...

EUVD-2025-201640

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...

DEBIAN-CVE-2025-40305

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...