USN-8310-1 linux-azure, linux-azure-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8277-1 linux, linux-aws, linux-hwe-6.17, linux-oem-6.17, linux-oracle, linux-raspi, linux-realtime, linux-realtime-6.17 vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

CVE-2026-43331

Summary of details (CVE-2026-43331): In the Linux kernel, a KCOV instrumentation issue in the x86/kexec path is resolved by disabling KCOV for the affected areas. The root cause is that load_segments() changes segment registers and invalidates the GS base KCOV relies on for per-CPU data, causing ...

CVE-2026-43129

In the Linux kernel, the following vulnerability has been resolved: ima: verify the previous kernel's IMA buffer lies in addressable RAM Patch series "Address page fault in imarestoremeasurementlist", v3. When the second-stage kernel is booted via kexec with a limiting command line such as "mem="...

PT-2026-37469

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists where the Integrity Measurement Architecture IMA measurement buffer passed from a previous kernel may fall outside the addressable RAM of a new kernel when the second-sta...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec – Fix for memory leak in the elf header buffer This issue was reported by the kmemleak detector: Unreferenced object: 0xff2000000403d000 size 4096 Command: “kexec”, PID: 146, Jiffies: 4294900633 age: 64.792 seconds...

SUSE CVE-2025-71139

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

CVE-2025-71139

CVE-2025-71139 – Linux kernel kexec CMA/IMA handling : The issue arises when the kexec target address is allocated in CMA space. The kernel’s kimage_map_segment() path assumes IND_SOURCE pages exist and maps them via vmap(), but CMA-based allocation bypasses IND_SOURCE, leading to a warning and i...

CVE-2025-40330 bnxt_en: Shutdown FW DMA in bnxt_shutdown()

In the Linux kernel, the following vulnerability has been resolved: bnxten: Shutdown FW DMA in bnxtshutdown The netifclose call in bnxtshutdown only stops packet DMA. There may be FW DMA for trace logging recently added that will continue. If we kexec to a new kernel, the DMA will corrupt memory ...

PT-2026-2900

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to kexec and the Integrity Measurement Architecture IMA. Specifically, the issue arises when the kexec target address is allocated within the CM...