kernel: Linux kernel: xHCI driver isochronous event handling race condition leading to data loss or UAF

A flaw was found in the Linux kernel's xHCI eXtensible Host Controller Interface driver. This vulnerability allows data loss or buffer Use-After-Free UAF due to a race condition during isochronous Ring Underrun/Overrun event handling...

kernel: Linux kernel: xHCI driver isochronous event handling race condition leading to data loss or UAF

A flaw was found in the Linux kernel's xHCI eXtensible Host Controller Interface driver. This vulnerability allows data loss or buffer Use-After-Free UAF due to a race condition during isochronous Ring Underrun/Overrun event handling...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

USN-8048-1: Linux kernel (OEM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

SUSE CVE-2025-71200

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MSHC controller...

USN-8033-3 linux-aws-fips, linux-fips, linux-gcp-fips vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

USN-8033-2 linux-intel-iot-realtime, linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

USN-8033-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

USN-8033-1 linux, linux-aws, linux-gcp, linux-gke, linux-gkeop, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-lowlatency, linux-lowlatency-hwe-5.15 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Nios II architecture; - Sun Sparc architecture; - User-Mode Linux UML; - x86 architecture; - Block layer subsystem;...

USN-8030-1 linux-gcp vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - Nios II architecture; - PA-RISC architecture; - RISC-V architecture; -...

kernel: Bluetooth: hci_sync: fix race in hci_cmd_sync_dequeue_once

A use-after-free flaw was found in hcicmdsyncdequeueonce in net/bluetooth/hcisync.c in Bluetooth: hcisync in Linux Kernel. This vulnerability could even lead to a kernel information leak problem...

kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling

A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...

kernel: Linux kernel: Information disclosure and denial of service in Bluetooth HCI event handling

A flaw was found in the Linux kernel's Bluetooth component. A local attacker with low privileges could exploit a vulnerability in the Host Controller Interface HCI event processing. This issue arises from improper handling of command complete events with unknown opcodes, which can lead to the...

SUSE CVE-2026-23009

In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during suspend/wake-u...

CVE-2026-22998

CVE-2026-22998 affects the Linux kernel’s NVMe over Fabrics NVMe-TCP path. The issue is a NULL pointer dereference in nvmet_tcp_build_pdu_iovec triggered by H2C_DATA PDUs when command data structures are uninitialized or partially initialized. Specifically, nvmet_tcp_handle_h2c_data_pdu() could p...

Linux Distros Unpatched Vulnerability : CVE-2026-23009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has ...

Azure Linux 3.0 Security Update: kernel (CVE-2024-57981)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-57981 advisory. - In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix NULL pointer dereference ...

ROS-20260119-7329

A vulnerability in the ufsbsgremove function of the drivers/ufs/core/ufsbsg.c module of the Linux kernel's UFS Universal Flash Storage host controller support is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentialit...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001579)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001579 advisory. A flaw use-after-free in function scosocksendmsg of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIOREGISTER or other way triggers race...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003950)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003950 advisory. An issue was discovered in the Linux kernel before 5.0.5. There is a use-after-free issue when hciuartregisterdev fails in hciuartsetproto in...