CVE-2026-52935

The CVE-2026-52935 entry concerns the Linux kernel xfrm/espintcp code. The issue arises from reusing an in-progress partial transmit state (ctx->partial) when building a new sk_msg, where espintcp_sendmsg() may prematurely reuse the live partial if espintcp_push_msgs() reports success while a ...

AlmaLinux 10 : kernel (ALSA-2026:18134)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:18134 advisory. kernel: tcpbpf: Fix the skmemuncharge logic in tcpbpfsendmsg CVE-2024-56633 kernel: KVM: x86: Load DR6 with guest value only before entering .vcpurun lo...

SUSE-SU-2026:2238-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013. -...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. CVE-2025-68310: s390/pci: Use pciueventers in PCI recovery bsc1255160. CVE-2025-71183: btrfs: always detect...

SUSE-SU-2026:2217-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-20585: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2025-68310: s390/pci: Use pciueventers in PCI recovery bsc1255160. - CVE-2025-71183: btrfs: always detect...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. CVE-2025-54518: x86/CPU/AMD: Prevent improper isolation of shared resources in Zen2's op cache bsc1264013...

kernel: espintcp: remove encap socket caching to avoid reference leak

In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrmstate - enacpsk - netns Since...

kernel: espintcp: remove encap socket caching to avoid reference leak

In the Linux kernel, the following vulnerability has been resolved: espintcp: remove encap socket caching to avoid reference leak The current scheme for caching the encap socket can lead to reference leaks when we try to delete the netns. The reference chain is: xfrmstate - enacpsk - netns Since...

RHEL 10 : kernel (RHSA-2026:18134)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:18134 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: tcpbpf: Fix the skmemuncharg...

Important: kernel6.18

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: fix infinite loop in attrloadrunsrange on inconsistent metadata...

CVE-2026-31518

A flaw was found in the Linux kernel. When the espintcp component processes network traffic using asynchronous cryptography, a memory leak can occur. This happens because a socket buffer skb is not correctly released if the transmit queue becomes full. This continuous leak of memory can lead to...

CVE-2026-31518

In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, espoutputtailtcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output code will drop the packe...

CVE-2026-31518

CVE-2026-31518 affects the Linux kernel espintcp path when using asynchronous crypto. If the TX queue for espintcp is full, esp_output_tail_tcp returns an error and the skb is not freed under earlier synchronous handling; with async crypto (esp_output_done) the skb must be dropped when esp_output...

openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20572-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20572-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scs...

PT-2026-34423

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak occurs in the Linux kernel involving socket buffers skb when using espintcp with asynchronous crypto. When the TX queue for espintcp is full, the esp output tail tcp functi...

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: fs/xattr: missing fdput in fremovexattr error path CVE-2024-14027 In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux...

Amazon Linux 2023 : bpftool6.18, kernel6.18, kernel6.18-devel (ALAS2023-2026-1515)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1515 advisory. In the Linux kernel, the following vulnerability has been resolved: audit: add fchmodat2 to change attributes class CVE-2025-71239 In the Linux kernel, the following vulnerability has been...

ROS-20260323-73-0002

A vulnerability in the espintcp component of the Linux operating system kernel is related to the lack of memory release after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

SUSE CVE-2026-23239

In the Linux kernel, the following vulnerability has been resolved: espintcp: Fix race condition in espintcpclose This issue was discovered during a code audit. After cancelworksync is called from espintcpclose, espintcptxwork can still be scheduled from paths such as the Delayed ACK handler or...

Linux Distros Unpatched Vulnerability : CVE-2026-23239

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - espintcp: Fix race condition in espintcpclose This issue was discovered during a code audit. After cancelworksync is called from espintcpclose, espintcptxwork...