CVE-2025-71090

CVE-2025-71090 describes a Linux kernel NFS daemon leak in nfsd4_add_rdaccess_to_wrdeleg(). The function overwrites fp->fi_fds[O_RDONLY] with a new nfsd_file even when a SHARE_ACCESS_READ is already open, thereby orphaning the prior reference. It previously stored the same nfsd_file pointer in...

CVE-2025-71089 iommu: disable SVA when CONFIG_X86 is set

In the Linux kernel, the following vulnerability has been resolved: iommu: disable SVA when CONFIGX86 is set Patch series "Fix stale IOTLB entries for kernel address space", v7. This proposes a fix for a security vulnerability related to IOMMU Shared Virtual Addressing SVA. In an SVA context, an...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: pinctrl: Check the return value of pinmuxops::getfunctionname. While the API contract in the documentation does not explicitly specify this, the generic implementation of the getfunctionname callback from struct pinmuxops –...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: bytcrrt5651 – Fixed invalid quirk input mapping. When an invalid value is passed via the quirk option, the bytcrrt5640 driver currently simply ignores it and leaves it unchanged. This may lead to unexpected results,...

RHEL 8 : kernel (RHSA-2026:0444)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0444 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: media: rc: fix races with...

kernel: Bluetooth: hci_event: Fix UAF in hci_conn_tx_dequeue

A flaw was discovered in the Bluetooth subsystem of the Linux kernel. When processing a HCIEVNUMCOMPPKTS event, the function hciconntxdequeue did not properly hold or release the hdev device lock, which may lead to a use-after-free of the connection structure...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel security update

5.14.0-611.20.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

Unbreakable Enterprise kernel security update

5.4.17-2136.351.3.1 - fs/proc: fix uaf in procreaddirde Wei Yang Orabug: 38787139 CVE-2025-40271 5.4.17-2136.351.3 - Reapply 'cpuidle: menu: Avoid discarding useful information' Harshvardhan Jha Orabug: 38715366 - fbcon: fix integer overflow in font allocation Samasth Norway Ananda Orabug: 387025...

ALSA-2026:0453 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: HID: multitouch: fix slab out-of-bounds access in mtreportfixup CVE-2025-39806 kernel: audit: fix out-of-bounds read in auditcomparednamepath CVE-2025-39840 kernel: mm: slub: avoid wake u...

CVE-2024-34726

In PVRSRVMMap of pvrbridgek.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2024-34724

In UnrefAndMaybeDestroy of pmr.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000444 advisory. Resource leak in i40e driver for IntelR Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000510)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000510 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftlimit: avoid possible divide error in nftlimitinit divu64 divides u64 by u32...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000293)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000293 advisory. Insufficient input validation in Kernel Mode Driver in IntelR i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000495)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000495 advisory. A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlin...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53659: iavf: Fix out-of-bounds when setting channels on remove bsc1251247. CVE-2023-53676:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-50280: pnode: terminate at peers of source bsc1249806. CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786...

SUSE-SU-2026:0029-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2022-50280: pnode: terminate at peers of source bsc1249806. - CVE-2023-53676: scsi: target: iscsi: Fix buffer overflow in liotargetnaclinfoshow bsc1251786. -...