156 matches found
CVE-2026-53038
A flaw was found in the Linux kernel's Integrity Measurement Architecture IMA subsystem. When handling unsupported Trusted Platform Module TPM hash algorithms, the imafs component incorrectly accesses a hash algorithm name array, leading to a read out-of-bounds. This vulnerability could allow a...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fixed the issue when the kexec target address is allocated in the CMA area. Description of the bug When I tested kexec with the latest kernel, I encountered the following warning: 40.712410 ------------ cut here ---...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: IMA: Verify that the IMA buffer from the previous kernel is within the addressable RAM. Patch series “Address page fault in imarestoremeasurementlist”, version 3. When the second-stage kernel is booted using kexec with a limiting...
kernel-rt security update
An update is available for kernel-rt. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel-rt packages provide the Real Time Linux Kernel, which enables...
RLSA-2026:21745 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...
RLSA-2026:21706 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183 kernel: ALSA: firewire-motu: fix buffer...
RLSA-2026:21556 Important: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: proc: use the same treatment to check proclseek as ones for procreaditer et.al CVE-2025-38653 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
RockyLinux 8 : kernel (RLSA-2026:21706)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:21706 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-68183...
CVE-2025-71306
A flaw was found in the Linux kernel's Integrity Measurement Architecture IMA subsystem. This vulnerability involves a stack-out-of-bounds access within the imaappraisemeasurement function during the processing of bprmcreds for execution. An attacker could potentially trigger this flaw by causing...
kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
kernel: ima: don't clear IMA_DIGSIG flag when setting or removing non-IMA xattr
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
ALSA-2026:21745 Important: kernel-rt security update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr...
CVE-2025-71306
In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...
PT-2026-43689
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A stack-out-of-bounds access occurs in the ima appraise measurement function via is bprm creds for exec. This issue is triggered by an incorrect offset calculation when using container o...
Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-6.1, Linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: ima: Fixed a use-after-free issue related to the dname.name of a dentry. – dname.name can be changed during a rename operation, and the previous value can be freed. There are conditions that could potentially stabilize this...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: IMA: Do not clear the IMADIGSIG flag when setting or removing non-IMA xattr. Currently, when both IMA and EVM are in “fix” mode, the IMA signature will be reset to the IMA hash if a program first stores the IMA signature in...
SUSE CVE-2026-43240
In the Linux kernel, the following vulnerability has been resolved: x86/kexec: add a sanity check on previous kernel's ima kexec buffer When the second-stage kernel is booted via kexec with a limiting command line such as "mem=", the physical range that contains the carried over IMA measurement...
CVE-2026-43240
A flaw was found in the Linux kernel's x86/kexec component. When a second-stage kernel is booted with a memory-limiting command, the Integrity Measurement Architecture IMA kexec buffer may be located outside the accessible memory range. This can lead to a kernel panic, effectively causing a Denia...
CVE-2026-43129
A flaw was found in the Linux kernel's Integrity Measurement Architecture IMA subsystem. When a second-stage kernel is booted via kexec with a memory-limiting command line, the IMA measurement buffer from the previous kernel may fall outside the new kernel's addressable memory. This out-of-bounds...