CVE-2026-53199

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN. Entries for the RNDIS header and the skb linear data come from...

MINI-J73M-3PJR-24HV

Bulletin has no description...

CVE-2026-9334

A flaw was found in perl-Cpanel-JSON-XS. This vulnerability allows a remote attacker to cause a denial of service DoS by providing specially crafted JSON input with duplicate object keys. When the dupkeysasarrayref option is enabled, the decodehv function incorrectly processes the input, leading ...

Astra Linux - уязвимость в linux, linux-5.10

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Another memory leak has been fixed in the error handling paths. The memory allocated by vmbusallocring at the beginning of the probe function is never freed during the error handling process. Add the necessary...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: Do not free decrypted memory. In CoCo VMs, it is possible for the untrusted host to cause setmemoryencrypted or setmemorydecrypted to fail, resulting in an error and the memory being retained. Callers must take care to...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: A memory leak has been fixed in error handling paths. If the vmbusestablishgpadl function fails, the recv|sendgpadl functions will not be updated, and the hvuiocleanup function in the error handling path will not be...

CVE-2026-43475

A flaw was found in the Linux kernel's hvstorvsc component. When the kernel is configured with PREEMPTRT Real-Time Preemption and running on a Hyper-V virtual machine, a local process performing specific I/O operations can trigger a concurrency issue. This can lead to a system lock-up or crash,...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: HV: hvballoon: fixed a memory leak that occurred when using debugfslookup. When calling debugfslookup, the result must have had dput called upon it; otherwise, a memory leak would occur over time. To simplify things, simply call...

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Fixed stack handling in idlekvmstartguest In commit 10d91611f426 “powerpc/64s: Reimplemented the book3s idle code in C”, kvmstartguest became idlekvmstartguest. The old code allocated a stack frame on the...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init are a poor combination, as the .init.text section is freed after initialization. As a result, modules cannot use symbols annotated with init...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013712)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013712 advisory. In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011342)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011342 advisory. In the Linux kernel, the following vulnerability has been resolved: uiohvgeneric: Let userspace take care of interrupt mask Remove the logic to set interrupt mask by...

CVE-2026-23054

In the Linux kernel, the following vulnerability has been resolved: net: hvnetvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndisfilterdeviceadd does not allocate an...

CVE-2026-23054 net: hv_netvsc: reject RSS hash key programming without RX indirection table

In the Linux kernel, the following vulnerability has been resolved: net: hvnetvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndisfilterdeviceadd does not allocate an...

CGA-3R43-HQ4X-HV47

Bulletin has no description...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0029-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0029-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: -...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992858)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992858 advisory. In the Linux kernel, the following vulnerability has been resolved: hvsock: Initializing vsk-trans to NULL to prevent a dangling pointer When hvs is released, there ...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...

SUSE-SU-2025:4506-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50280: pnode: terminate at peers of source bsc1249806. - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786. -...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50253: bpf: make sure skb-len != 0 when redirecting to a tunneling device bsc1249912. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in...