kernel: can: isotp: fix tx.buf use-after-free in isotp_sendmsg()

A flaw was found in the Linux kernel's Controller Area Network CAN ISO-TP isotp module. This vulnerability, known as a use-after-free, occurs when the system attempts to free a memory region while it is still being used. A local attacker could trigger this condition by sending a signal that...

Astra Linux – Vulnerability found in Linux 6.1, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: Firewire: In the net subsystem, a bug related to use-after-free was fixed in the fwnetfinishincomingpacket function. The netifrx function frees the skb, but we cannot dereference it to save the skb-len...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinkqueue: The hash table is now created per queue. Sharing a global hash table among all queues is tempting, but it can lead to crashes. Bug: KASAN: A “slab-use-after-free” issue exists in...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RHEL 8 : kernel (RHSA-2026:20130)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:20130 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: can: raw: fix ro-uniq...

CVE-2026-45251 Kernel use-after-free via file descriptor syscalls

A file descriptor can be closed while a thread is blocked in a poll2 or select2 call waiting for that descriptor. Because the blocked thread does not hold a reference to the underlying object, this closure may result in the object being freed while the thread remains blocked. In this situation, t...

Windows Win32k Elevation of Privilege Vulnerability

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally...

AlmaLinux 10 : kernel (ALSA-2026:13566)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:13566 advisory. kernel: Linux kernel: Use-after-free in traffic control actct may lead to denial of service or privilege escalation CVE-2026-23270 kernel: nfsd: fix hea...

RHEL 8 : kernel (RHSA-2026:9513)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:9513 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: smc: Fix use-after-free in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013107)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013107 advisory. In the Linux kernel, the following vulnerability has been resolved: vcscreen: reload load of struct vcdata pointer in vcswrite to avoid UAF After a call to...

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-011258)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011258 advisory. In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: reorder cleanup in btusbdisconnect to avoid UAF There is a KASAN:...

RockyLinux 8 : kernel-rt (RLSA-2026:6036)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:6036 advisory. kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in macvlancommonnewlink...

AlmaLinux 8 : kernel (ALSA-2026:6037)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:6037 advisory. kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in macvlancommonnewlink...

RHEL 9 : kernel (RHSA-2026:5692)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5692 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel:A use-after-free in bridge...

KB5078734: Windows Server version 23H2 Security Update (March 2026)

The remote Windows host is missing security update 5078734. It is, therefore, affected by multiple vulnerabilities - Use after free in Windows Print Spooler Components allows an authorized attacker to execute code over a network. CVE-2026-23669 - Heap-based buffer overflow in Windows File Server...

ALSA-2026:3083 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 kernel: Linux kernel:A use-after-free in bridge multicast in brmulticastportctxinit CVE-2025-38248 kernel: smc: Fix...

MiracleLinux 9 : kernel-5.14.0-611.26.1.el9_7 (AXSA:2026-144:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-144:08 advisory. kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

MiracleLinux 4 : kernel-2.6.32-754.35.1.el6 (AXSA:2020-791:13)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-791:13 advisory. kernel: Count overflow in FUSE request leading to use-after-free issues. CVE-2019-11487 Tenable has extracted the preceding description block directly from th...

MiracleLinux 9 : kernel-5.14.0-284.18.1.el9_2 (AXSA:2023-6137:18)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6137:18 advisory. kernel: use-after-free vulnerability in the perfgroupdetach function of the Linux Kernel Performance Events CVE-2023-2235 kernel: netfilter:...