Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as follows: BUG: KASAN: use-after-free in createpipe, include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0,...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resources for the second interface The imon driver probes two USB interfaces. When probing the second interface, the driver assumes blindly that the first interface was bound to the same imon...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which result in hung tasks due to forever holding device lock 1. First problem is that when usbrxcallbackintf0 once got -EPROTO error after...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013061)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013061 advisory. In the Linux kernel, the following vulnerability has been resolved: media: imon: make sendpacket more robust syzbot is reporting that imon has three problems which...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007407)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007407 advisory. In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB...

CLSA-2026-1775657177 kernel: Fix of 9 CVEs

ovl: Filter invalid inodes with missing lookup function CVE-2024-56570 - ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 - media: imon: reorganize serialization CVE-2025-39993 - usb: xhci: Fix inverted ringxrunevent check in handletxevent CVE-2025-37882 - Revert "VFS: Impose ordering...

CLSA-2026-1775655363 kernel: Fix of 9 CVEs

ovl: Filter invalid inodes with missing lookup function CVE-2024-56570 - ALSA: aloop: Fix racy access at PCM trigger CVE-2026-23191 - media: imon: reorganize serialization CVE-2025-39993 - usb: xhci: Fix inverted ringxrunevent check in handletxevent CVE-2025-37882 - Revert "VFS: Impose ordering...

kernel security update

3.10.0-1160.119.1.0.19 - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug: 39036029 - atm: clip: Fix infinite recursive call of clippush. CVE-2025-38459 Orabug: 39036029 - usb: core: config: Preve...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1397)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1366)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...

EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

RHEL 8 : kernel (RHSA-2026:1512)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1512 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: e1000e: fix heap overflow in...

AlmaLinux 8 : kernel (ALSA-2026:0444)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0444 advisory. kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing CVE-2025-40240...

kernel-rt security update

An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...

RockyLinux 8 : kernel-rt (RLSA-2026:0443)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0443 advisory. kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing CVE-2025-40240...