RHEL 7 : kernel-rt (RHSA-2026:10756)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:10756 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

Linux Distros Unpatched Vulnerability : CVE-2026-31614

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb: client: fix off-by-8 bounds check in checkwsleas The bounds check uses u8 ea + nlen + 1 + vlen as the end of the EA name and value, but eadata sits at offs...

Linux Distros Unpatched Vulnerability : CVE-2026-42041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, the Axios library is vulnerable to a Prototype Pollution Gadget...

Linux Distros Unpatched Vulnerability : CVE-2026-42039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, s...

net: altera-tse: fix skb leak on DMA mapping error in tse_start_xmit()

...

bnge: return after auxiliary_device_uninit() in error path

...

net: lan966x: fix page_pool error handling in lan966x_fdma_rx_alloc_page_pool()

...

The Vehicle May Be Sick: Denial of Diagnostic Services by Exploiting the CAN Transport Protocol

Vehicle diagnostics has become essential for detecting in-vehicle errors and ensuring safety. While the Unified Diagnostic Services UDS protocol is widely adopted for diagnostic operations, it relies on the ISO 15765-2 standard as the transport protocol over the Controller Area Network CAN, which...

Unity Linux 20.1060a Security Update: kernel (UTSA-2026-014325)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014325 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix oops for port-pm on uartchangepm Unloading a hardware specific 8250 driver can...

OESA-2026-2117 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2026-2116 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2026-2115 python3 security update

Python combines remarkable power with very clear syntax. It has modules, classes, exceptions, very high level dynamic data types, and dynamic typing. There are interfaces to many system calls and libraries, as well as to various windowing systems. New built-in modules are easily written in C or C...

OESA-2026-2106 firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. %if 0 %global mozdebugprefix /lib/debug %global mozdebugdir /lib/debug/ %global unamem %uname -m %global symbolsfilename -.en-US.-%uname.crashreporter-symbols.zip %global symbolsfilepath...

OESA-2026-2094 giflib security update

giflib is a library of gif images and provides utilities for processing images. Security Fixes: Giflib contains a double-free vulnerability that is the result of a shallow copy in GifMakeSavedImage and incorrect error handling. The conditions needed to trigger this vulnerability are difficult but...

OESA-2026-2050 mesa security update

. Security Fixes: In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be-allocated data depends on an untrusted party, and is then used for alloca.CVE-2026-40393...

OESA-2026-1998 sudo security update

Sudo is a program designed to allow a sysadmin to give limited root privileges to users and log root activity. The basic philosophy is to give as few privileges as possible but still allow people to get their work done. Security Fixes: In Sudo through 1.9.17p2 before 3e474c2, a failure of a setui...

SUSE CVE-2026-31544

In the Linux kernel, the following vulnerability has been resolved: firmware: armscmi: Fix NULL dereference on notify error path Since commit b5daf93b809d1 "firmware: armscmi: Avoid notifier registration for unsupported events" the call chains leading to the helper scmieventhandlergetops expect a...

SUSE CVE-2026-31560

In the Linux kernel, the following vulnerability has been resolved: spi: spi-dw-dma: fix print error log when wait finish transaction If an error occurs, the device may not have a current message. In this case, the system will crash. In this case, it's better to use dev from the struct ctlr struc...

SUSE CVE-2026-31613

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE returns STATUSSTOPPEDONSYMLINK, smb2checkmessage returns success without any length validation, leaving the symlink parsers as the only defense against an...

SUSE CVE-2026-31621

In the Linux kernel, the following vulnerability has been resolved: bnge: return after auxiliarydeviceuninit in error path When auxiliarydeviceadd fails, the error block calls auxiliarydeviceuninit but does not return. The uninit drops the last reference and synchronously runs bngeauxdevrelease,...