314 matches found
RockyLinux 10 : kernel (RLSA-2026:2282)
The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:2282 advisory. kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38415 kernel: vsock/vmci: Clear the vmci transport...
USN-8015-4 linux-aws, linux-aws-6.8, linux-gcp, linux-gcp-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency-hwe-6.8 vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...
ALSA-2026:2282 Moderate: kernel security update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Memory corruption in Squashfs due to incorrect block size calculation CVE-2025-38415 kernel: vsock/vmci: Clear the vmci transport packet properly when initializing it...
kernel security update
5.14.0-611.30.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...
kernel security update
An update is available for kernel. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...
USN-8015-3 linux-fips, linux-aws-fips, linux-gcp-fips vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...
USN-8015-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...
USN-8015-2 linux-realtime, linux-realtime-6.8, linux-raspi-realtime vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...
USN-8016-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SPI subsystem; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698,...
USN-8016-1 linux-nvidia, linux-nvidia-6.8, linux-nvidia-lowlatency vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SPI subsystem; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698,...
USN-8015-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - SMB network file system; - iouring subsystem; CVE-2025-38561, CVE-2025-39698, CVE-2025-40019...
Oracle Linux 10 : kernel (ELSA-2026-1690)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-1690 advisory. - RDMA/core: Fix 'KASAN: slab-use-after-free Read in ibregisterdevice' problem CKI Backport Bot RHEL-134363 CVE-2025-38022 - ASoC: Intel: bytcrrt5640:...
kernel: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU
A use-after-free flaw was found in iouring/msgring in the Linux Kernel. In this flaw iokiocb freeing is deferred for RCU which can lead to a kernel information leak problem...
SUSE-SU-2026:20168-1 Security update for the Linux Kernel RT (Live Patch 1 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.6.1 fixes various security issues The following security issues were fixed: - CVE-2025-39963: iouring: fix incorrect iokiocb reference in iolinkskb bsc1251982. - CVE-2025-40204: sctp: Fix MAC comparison to be constant-time bsc1253437....
SUSE-SU-2026:20164-1 Security update for the Linux Kernel RT (Live Patch 0 for SUSE Linux Enterprise 16)
This update for the SUSE Linux Enterprise kernel 6.12.0-160000.5.1 fixes various security issues The following security issues were fixed: - CVE-2024-53164: net: sched: fix ordering of qlen adjustment bsc1246019. - CVE-2025-38500: xfrm: interface: fix use-after-free after changing collectmd xfrm...
CVE-2025-71149
...
CVE-2025-71149 io_uring/poll: correctly handle io_poll_add() return value on update
In the Linux kernel, the following vulnerability has been resolved: iouring/poll: correctly handle iopolladd return value on update When the core of iouring was updated to handle completions consistently and with fixed return codes, the POLLREMOVE opcode with updates got slightly broken. If a...
MiracleLinux 9 : nodejs:20 (AXSA:2024-7667:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7667:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004239)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004239 advisory. In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004194)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004194 advisory. In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to...