Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-35827)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35827 advisory. - In the Linux kernel, the following vulnerability has been resolved: iouring/net: fix overflow check ...

MiracleLinux 9 : kernel-5.14.0-611.5.1.el9_7 (AXSA:2025-11493:94)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11493:94 advisory. kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an iouring network multi-receive operation that could overflow completion queue entries, potentially leading...

RHEL 9 : kernel (RHSA-2025:20518)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20518 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: isotp: fix potential CAN frame reception race in isotprcv CVE-2022-48830 kernel: soc: qcom: cmd-db: Map shared memory as WC, not WB CVE-2024-46689 kernel: Squashfs: sanity check...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989765)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989765 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL:...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986662)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986662 advisory. In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL:...

Linux Distros Unpatched Vulnerability : CVE-2021-47040

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: iouring: fix overflows checks in provide buffers Colin reported before possible overflow and...

Linux Distros Unpatched Vulnerability : CVE-2022-1116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer Overflow or Wraparound vulnerability in iouring of Linux Kernel allows local attacker to cause memory corruption and escalate privileges to root. This...

Linux Distros Unpatched Vulnerability : CVE-2024-53187

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring: check for overflows in iopinpages WARNING: CPU: 0 PID: 5834 at iouring/memmap.c:144 iopinpages+0x149/0x180 iouring/memmap.c:144 CPU: 0 UID: 0 PID: 5834...

Linux Distros Unpatched Vulnerability : CVE-2023-52903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at iouring/iouring.c:734...

CVE-2024-53187

In the Linux kernel, the following vulnerability has been resolved: iouring: check for overflows in iopinpages WARNING: CPU: 0 PID: 5834 at iouring/memmap.c:144 iopinpages+0x149/0x180 iouring/memmap.c:144 CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller 0...

CVE-2024-53187

In the Linux kernel, the following vulnerability has been resolved: iouring: check for overflows in iopinpages WARNING: CPU: 0 PID: 5834 at iouring/memmap.c:144 iopinpages+0x149/0x180 iouring/memmap.c:144 CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller 0...

PT-2024-33896

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: The issue is related to the io uring feature in the Linux kernel, where an overflow can cause a significant delay during flushing. Normally, this list is empty, but an application can overflo...

DEBIAN-CVE-2023-52903

In the Linux kernel, the following vulnerability has been resolved: iouring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at iouring/iouring.c:734 iocqringeventoverflow+0x1c0/0x230 iouring/iouring.c:734 CPU: 0 PID: 28 Comm:...

USN-5442-2 linux-bluefield, linux-gcp-5.4, linux-gkeop, linux-gkeop-5.4, linux-ibm-5.4, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5442-1 linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-azure-fde, linux-gcp, linux-gke, linux-gke-5.4, linux-hwe-5.4, linux-ibm, linux-kvm vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...