kernel: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_match()

A flaw was found in the Linux kernel’s SMC Shared Memory Communication module: in smcclcprfxmatch, the function is called from smclistenwork without proper RCU or RTNL protection. The code previously used skdstgetsk-dev, which can lead to a use-after-free UAF condition if the sk’s destination is...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ext4setattr function. When the truncation operation exceeds the inline capacity, the inline...

PT-2026-34418

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2cap ecred conn req Syzbot reported a KASAN stack-out-of-bounds read in l2cap build cmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerabili...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013733)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013733 advisory. In the Linux kernel, the following vulnerability has been resolved: hfs: fix missing hfsbnodeget in hfsbnodecreate Syzbot found a kernel BUG in hfsbnodeput: kernel...

PT-2026-34361

In the Linux kernel, the following vulnerability has been resolved: mm/pagewalk: fix race between concurrent split and refault The splitting of a PUD entry in walk pud range can race with a concurrent thread refaulting the PUD leaf entry causing it to try walking a PMD range that has disappeared...

FreeBSD : FreeBSD -- Kernel use-after-free bug in the TIOCNOTTY handler (971b5528-3def-11f1-bb07-bc241121aa0a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 971b5528-3def-11f1-bb07-bc241121aa0a advisory. The implementation of TIOCNOTTY failed to clear a back-pointer from the structure representing the...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010787)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010787 advisory. In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy target device if coalesced MMIO unregistration fails Destroy and free the target...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-013135)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013135 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug in extents parsing when ehentries == 0 and ehdepth 0 When walking through an inode...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011011)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011011 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf, cgroup: Fix kernel BUG in purgeeffectiveprogs Syzkaller reported a triggered kernel BUG as...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010942)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010942 advisory. In the Linux kernel, the following vulnerability has been resolved: nexthop: Forbid FDB status change while nexthop is in a group The kernel forbids the creation of...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013036)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013036 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scoconnfree BUG: KASAN: slab-use-after-free in scoconnfree...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007542)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007542 advisory. In the Linux kernel, the following vulnerability has been resolved: mtd: Fix device name leak when register device failed in addmtddevice There is a kmemleak when...

net/sched: cls_fw: fix NULL pointer dereference on shared blocks

...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006802)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006802 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: prevent kernel bug at submitbhwbc Fix a bug where nilfsgetblock returns a successful stat...

EUVD-2026-18774

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via gettsinfo ethtool call which is possible while the interfa...

CVE-2026-23467 drm/i915/dmc: Fix an unlikely NULL pointer deference at probe

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

CVE-2026-23374

A flaw was found in the Linux kernel's blktrace component. This vulnerability arises when the tracingrecordcmdline function attempts to access a per-CPU variable in a preemptible context, which is an unsafe operation. A local attacker could exploit this to trigger a kernel bug, potentially leadin...

kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

kernel: ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()

In the Linux kernel, the following vulnerability has been resolved: ipv6: BUG in pskbexpandhead as part of calipsoskbuffsetattr There exists a kernel oops caused by a BUGONnhead INTMAX i.e. intskbheadroomskb + lendelta skbheadroomskb is meant to ensure that delta = headroom - skbheadroomskb is...

Linux Distros Unpatched Vulnerability : CVE-2026-23321

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning:...