CVE-2026-23070 Octeontx2-af: Add proper checks for fwdata

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

CVE-2026-23070

CVE-2026-23070 is an in-kernel issue affecting the Linux kernel (noted in Debian/SUSE advisories) related to Octeontx2-af hardware. The vulnerability stems from missing/insufficient checks for fwdata in the shared firmware structure accessed by the MAC block (CGX/RPM). On boards booted without MA...

EUVD-2026-5482

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

CVE-2026-23062

The CVE-2026-23062 issue is in the Linux kernel platform/x86 hp-bioscfg code. The root cause is twofold: an off-by-one error in a loop using <= instead of

CVE-2026-23062

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

CVE-2026-23062 platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

CVE-2026-23062

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

CVE-2026-23062 platform/x86: hp-bioscfg: Fix kernel panic in GET_INSTANCE_ID macro

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

CVE-2026-23060

The CVE-2026-23060 issue in the Linux kernel crypto: authencesn module arises when assoclen

EUVD-2026-5484

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

Linux Distros Unpatched Vulnerability : CVE-2026-23060

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes...

Linux Distros Unpatched Vulnerability : CVE-2026-23062

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1...

kernel: net: atlantic: fix fragment overflow handling in RX path

An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAXSKBFRAGS 17 fragments, the driver writes beyond the skb fragment array bounds in skbaddrxfrag, causing kernel memory corruption and panic...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005027)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005027 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is...

CVE-2026-23005

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in guest XSAVE state whenever XFDi=1 When loading guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATEBV...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46843)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46843 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only i...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38113)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38113 advisory. - In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37773)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37773 advisory. - In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source...