kernel: net: atlantic: fix fragment overflow handling in RX path

An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAXSKBFRAGS 17 fragments, the driver writes beyond the skb fragment array bounds in skbaddrxfrag, causing kernel memory corruption and panic...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005027)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005027 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel panic when enabling bearer When enabling a bearer on a node, a kernel panic is...

CVE-2026-23005

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in guest XSAVE state whenever XFDi=1 When loading guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATEBV...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38262)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38262 advisory. - In the Linux kernel, the following vulnerability has been resolved: tty: serial: uartlite: register uart...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38290)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38290 advisory. - In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix node corruption in...

Azure Linux 3.0 Security Update: kernel (CVE-2024-46843)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-46843 advisory. - In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Remove SCSI host only i...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37773)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37773 advisory. - In the Linux kernel, the following vulnerability has been resolved: virtiofs: add filesystem context source...

Azure Linux 3.0 Security Update: kernel (CVE-2025-22033)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-22033 advisory. - In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38113)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38113 advisory. - In the Linux kernel, the following vulnerability has been resolved: ACPI: CPPC: Fix NULL pointer dereference...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50023)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50023 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: phy: Remove LED entry from LEDs lis...

MiracleLinux 7 : kernel-3.10.0-1127.8.2.el7 (AXSA:2020-121:05)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-121:05 advisory. kernel: double free may be caused by the function allocatetracebuffer in the file kernel/trace/trace.c CVE-2017-18595 kernel: use-after-free in...

kernel: net: atlantic: fix fragment overflow handling in RX path

An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAXSKBFRAGS 17 fragments, the driver writes beyond the skb fragment array bounds in skbaddrxfrag, causing kernel memory corruption and panic...

kernel: net: atlantic: fix fragment overflow handling in RX path

An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAXSKBFRAGS 17 fragments, the driver writes beyond the skb fragment array bounds in skbaddrxfrag, causing kernel memory corruption and panic...

MiracleLinux 8 : kernel-4.18.0-348.20.1.el8_5 (AXSA:2022-3099:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3099:05 advisory. kernel: improper initialization of the flags member of the new pipebuffer CVE-2022-0847 kernel: Use After Free in unixgc which could result in a loc...

SUSE CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

SUSE CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004362 advisory. A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index aft...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001611)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001611 advisory. A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index aft...

MiracleLinux 7 : kernel-3.10.0-327.36.1.el7 (AXSA:2016-707:07)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-707:07 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004096)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004096 advisory. A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index aft...