23 matches found
CVE-2026-43458
In the Linux kernel, the following vulnerability has been resolved: serial: caif: hold tty->link reference in ldisc_open and ser_release A reproducer triggers a KASAN slab-use-after-free in pty_write_room when caif_serial's TX path calls tty_write_room. The faulting access is on tty->link->port. Hold an...
SUSE CVE-2026-31686
In the Linux kernel, the following vulnerability has been resolved: mm/kasan: fix double free for kasan pXds kasan_free_pxd assumes the page table is always struct page aligned. But that's not always the case for all architectures. E.g. In case of powerpc with 64K pagesize, PUD table of size 4096...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005171)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005171 advisory. In the Linux kernel, the following vulnerability has been resolved: acpi: nfit: vmalloc-out-of-bounds Read in acpi_nfit_ctl Fix an issue detected by syzbot with KASAN:...
CVE-2025-40091 ixgbe: fix too early devlink_free() in ixgbe_remove()
In the Linux kernel, the following vulnerability has been resolved: ixgbe: fix too early devlink_free() in ixgbe_remove() Since ixgbe_adapter is embedded in devlink, calling devlink_free() prematurely in the ixgbe_remove() path can lead to UAF. Move devlink_free() to the end. KASAN report: BUG: KASAN:...
EUVD-2022-55233
Malicious code in bioql PyPI...
EUVD-2022-55473
Malicious code in bioql PyPI...
PT-2025-37502
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains a vulnerability in the iwlwifi MVM subsystem that can lead to a double free on the transmit path. This issue can cause kernel crashes, lockups, and KASAN...
RHEL 8 : kernel (RHSA-2025:15656)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15656 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: ext4: use-after-free in...
CVE-2025-38728
In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parse_server_interfaces see below: BUG: KASAN: slab-out-of-bounds in...
Linux Distros Unpatched Vulnerability : CVE-2025-21887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovl_dentry_update_reval by moving dput in ovl_link_up The issue was caused by...
Linux Distros Unpatched Vulnerability : CVE-2024-26932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix double-free issue in tcpm_port_unregister_pd When unregister pd capabilit...
Linux Distros Unpatched Vulnerability : CVE-2024-26710
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: powerpc/kasan: Limit KASAN thread size increase to 32KB KASAN is seen to increase stack usag...
DEBIAN-CVE-2025-38464
In the Linux kernel, the following vulnerability has been resolved: tipc: Fix use-after-free in tipc_conn_close. syzbot reported a null-ptr-deref in tipc_conn_close during netns dismantle. [0] tipc_topsrv_stop iterates tipc_net(net)->topsrv->conn_idr and calls tipc_conn_close for each tipc_conn. The problem is th...
DEBIAN-CVE-2025-37750
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in decryption with multichannel After commit f7025d861694 "smb: client: allocate crypto only for primary server" and commit b0abcd65ec54 "smb: client: fix UAF in async decryption", the channels started reusin...
CVE-2022-49623 powerpc/xive/spapr: correct bitmap allocation size
In the Linux kernel, the following vulnerability has been resolved: powerpc/xive/spapr: correct bitmap allocation size kasan detects access beyond the end of the xibm-bitmap allocation: BUG: KASAN: slab-out-of-bounds in findfirstzerobit+0x40/0x140 Read of size 8 at addr c00000001d1d0118 by task...
PT-2026-2894
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.14.0-630.el9.x86 64+debug 1 Description A flaw exists in the Linux kernel's RDMA/irdma subsystem, specifically within the irdma net event function. The function could dereference an invalid memory location unde...
SUSE CVE-2024-53227
In the Linux kernel, the following vulnerability has been resolved: scsi: bfa: Fix use-after-free in bfadimmoduleexit BUG: KASAN: slab-use-after-free in lockacquire+0x2aca/0x3a20 Read of size 8 at addr ffff8881082d80c8 by task modprobe/25303 Call Trace: dumpstacklvl+0x95/0xe0 printreport+0xcb/0x6...
AZL-54824 CVE-2024-53185 affecting package kernel for versions less than 6.6.64.2-1
In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey Neither SMB3.0 or SMB3.02 supports encryption negotiate context, so when SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response, the client uses AES-128-CCM as the defaul...
AZL-54265 CVE-2024-53108 affecting package kernel for versions less than 5.15.173.1-1
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Adjust VSDB parser for replay feature At some point, the IEEE ID identification for the replay check in the AMD EDID was added. However, this check causes the following out-of-bounds issues when using KASAN:...
DEBIAN-CVE-2022-48803
In the Linux kernel, the following vulnerability has been resolved: phy: ti: Fix missing sentinel for clk_div_table _get_table_maxdiv tries to access "clk_div_table" array out of bound defined in phy-j721e-wiz.c. Add a sentinel entry to prevent the following global-out-of-bounds error reported by enabli...