kernel: mm/page_alloc: clear page->private in free_pages_prepare()

A flaw was found in the Linux kernel's memory management subsystem. When pages are freed, the page-private field is not properly cleared. If these pages are later reallocated as high-order pages and split, the tail pages can retain stale page-private values. This can lead to a use-after-free...

Linux Distros Unpatched Vulnerability : CVE-2026-31697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: ccp: Don't attempt to copy ID to userspace if PSP command failed When retrieving the ID for the CPU, don't attempt to copy the ID blob to userspace if t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-013240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013240 advisory. In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in skmemraiseallocated. syzbot reported 0 a null-ptr-deref ...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007246)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007246 advisory. In the Linux kernel, the following vulnerability has been resolved: tracing/histograms: Add histograms to histvars if they have referenced variables Hist triggers ca...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

CVE-2023-54283

In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpflrulist KCSAN reported a data-race when accessing node-ref. Although node-ref does not have to be accurate, take this chance to use a more common READONCE and WRITEONCE pattern instead of datarace...

CVE-2023-54011

The CVE-2023-54011 issue in the Linux kernel relates to the SCSI mpi3mr subsystem. Root cause: a KASAN-detected flaw caused incorrect write sizing, using 64-byte writes instead of the correct 32-byte size. Impact was mitigated by a kernel fix applied to the mpi3mr driver, correcting the write siz...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

kernel: mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory

A use-after-free memory bug exists in the linux kernel, such that unpoisonmemory tries to check the PGHWPoison flags of an uninitialized page. So VMBUGONPAGEPagePoisonedpage is triggered, leading to damage to the system availability and integrity...

UBUNTU-CVE-2025-40008

In the Linux kernel, the following vulnerability has been resolved: kmsan: fix out-of-bounds access to shadow memory Running sha224kunit on a KMSAN-enabled kernel results in a crash in kmsaninternalsetshadoworigin: BUG: unable to handle page fault for address: ffffbc3840291000 PF: supervisor read...

CVE-2022-50480 memory: pl353-smc: Fix refcount leak bug in pl353_smc_probe()

In the Linux kernel, the following vulnerability has been resolved: memory: pl353-smc: Fix refcount leak bug in pl353smcprobe The break of foreachavailablechildofnode needs a corresponding ofnodeput when the reference 'child' is not used anymore. Here we do not need to call ofnodeput in fail path...

Linux Distros Unpatched Vulnerability : CVE-2022-49738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - f2fs: fix to do sanity check on iextraisize in isalive syzbot found a f2fs bug: BUG: KASAN: slab-out- of-bounds in datablkaddr fs/f2fs/f2fs.h:2891 inline BUG:...

kernel: i3c: master: Fix miss free init_dyn_addr at i3c_master_put_i3c_addrs()

A vulnerability was found in the i3cmasterputi3caddrs function in the Linux kernel's i3c driver. A memory management issue can occur due to a copy-paste error between "dynaddr" and "initdynaddr", which leads to incorrect handling of memory, potentially causing resource mismanagement and instabili...

UBUNTU-CVE-2022-49557

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: KVM: Set the base guest FPU uABI size to sizeofstruct kvmxsave Set the starting uABI size of KVM's guest FPU to 'struct kvmxsave', i.e. to KVM's historical uABI size. When saving FPU state for usersapce, KVM well, now th...

Signed/unsigned conversion bug in OpenBSD select() call

By passing negative argument to select function it's possible to overwrite the fragment of kernel memory...