CVE-2026-46284

A flaw was found in the Linux kernel's hugetlb memory management. A local user could exploit this by providing malformed kernel command-line parameters, such as hugepages or hugepagesz, without an '=' separator. This improper handling of input during early parameter parsing can lead to a system...

EulerOS Virtualization 2.12.1 : kernel (EulerOS-SA-2026-2077)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : netfilter: ctnetlink: remove refcounting in expectation dumpersCVE-2025-39764 nvme: nvme-fc: Ensure -ioerrwork is cancelled in...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoiding soft lockup when using mprotect on a large memory area When calling mprotect on a large hugetlb memory area in our customer’s workload 300GB of hugetlb memory, soft lockup was observed: watchdog: BUG: soft...

CVE-2026-43286

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 "mm: hugetlb: fix incorrect fallback for subpool" fixed an underflow error for hstate-resvhugepages caused by incorrectly attributing globally requeste...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011165)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011165 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a larg...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013043)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013043 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a larg...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007502)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007502 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a larg...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39977:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39977...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001778)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001778 advisory. Memory leak in mm/hugetlb.c in the Linux kernel before 3.4.2 allows local users to cause a denial of service memory consumption or system crash via invalid MAPHUGETL...

CLSA-2026-1767864313 kernel: Fix of 46 CVEs

mm: hugetlb: fix UAF in hugetlbhandleuserfault CVE-2022-50630 - drm/amdkfd: fix potential kgdmem UAFs CVE-2023-53816 - net/mlx5e: Fix deadlock in tc route query code CVE-2023-53591 - PCI: Fix pcideviceispresent for VFs by checking PF CVE-2022-50636 - wifi: ath11k: fix monitor mode bringup crash...

SUSE-SU-2026:20012-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. - CVE-2025-37916: pdscore: remove write-after-free of clientid bsc1243474. -...

CVE-2025-40153

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a large hugetlb memory area in our customer's workload 300GB hugetlb memory, soft lockup was observed: watchdog: BUG: soft lockup - CPU98...

CVE-2025-40153 mm: hugetlb: avoid soft lockup when mprotect to large memory area

In the Linux kernel, the following vulnerability has been resolved: mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a large hugetlb memory area in our customer's workload 300GB hugetlb memory, soft lockup was observed: watchdog: BUG: soft lockup - CPU98...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a soft locking issue in mprotect's handling of large hugetlb memory...

Linux Distros Unpatched Vulnerability : CVE-2025-40153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm: hugetlb: avoid soft lockup when mprotect to large memory area When calling mprotect to a large hugetlb memory area in our customer's workload 300GB hugetlb...

PT-2025-46628

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17-rc7 Description The Linux kernel may experience a soft lockup when calling the mprotect function on a large hugetlb memory area approximately 300GB in observed customer workloads. This issue occurs because t...

Linux Distros Unpatched Vulnerability : CVE-2025-22034

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLLSPLITPMD with hugetlb VMAs Patch series mm: fixes for device-exclusive...

CVE-2025-22034

In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLLSPLITPMD with hugetlb VMAs Patch series "mm: fixes for device-exclusive entries hmm", v2. Discussing the PageTail call in makedeviceexclusiverange with Willy, I recently discovered 1 that device-exclusive...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the incompatibility of FOLLSPLITPMD with the hugetlb VMA...