kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

Important: Red Hat Security Advisory: kpatch-patch-4_18_0-553_109_1, kpatch-patch-4_18_0-553_40_1, kpatch-patch-4_18_0-553_53_1, kpatch-patch-4_18_0-553_72_1, and kpatch-patch-4_18_0-553_85_1 security update

An update for multiple packages is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

kernel: net: use dst_dev_rcu() in sk_setup_caps()

In the Linux kernel, the following vulnerability has been resolved: net: use dstdevrcu in sksetupcaps Use RCU to protect accesses to dst-dev from sksetupcaps and skdstgsomaxsize. Also use dstdevrcu in ip6dstmtumaybeforward, and ipdstmtumaybeforward. ip4dsthoplimit can use dstdevnetrcu...

kernel: nbd: defer config unlock in nbd_genl_connect

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

SUSE CVE-2025-71313

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Add missing NULL check for allocworkqueue allocworkqueue can return NULL on memory allocation failure. Without proper error checking, this may lead to a NULL pointer dereference when queuework is later called with...

UBUNTU-CVE-2026-46262

In the Linux kernel, the following vulnerability has been resolved: A...

AlmaLinux 8 : kernel (ALSA-2026:23258)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:23258 advisory. kernel: Linux kernel: smb: client: reject userspace cifs.spnego descriptions CVE-2026-46243 Tenable has extracted the preceding description block directly from th...

UBUNTU-CVE-2026-46260

In the Linux kernel, the following vulnerability has been resolved: i...

UBUNTU-CVE-2026-46253

In the Linux kernel, the following vulnerability has been resolved: p...

UBUNTU-CVE-2026-46246

In the Linux kernel, the following vulnerability has been resolved: p...

UBUNTU-CVE-2025-71314

In the Linux kernel, the following vulnerability has been resolved: d...

UBUNTU-CVE-2026-46244

In the Linux kernel, the following vulnerability has been resolved: n...

UBUNTU-CVE-2026-46269

In the Linux kernel, the following vulnerability has been resolved: p...

UBUNTU-CVE-2026-46266

In the Linux kernel, the following vulnerability has been resolved: i...

UBUNTU-CVE-2026-46263

In the Linux kernel, the following vulnerability has been resolved: d...

Important: Red Hat Security Advisory: OpenShift Container Platform 4.20.24 bug fix and security update

Red Hat OpenShift Container Platform release 4.20.24 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.20. Red Hat Product Security has rated this update as having a...

EUVD-2026-34134

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc-etr: Fix race condition between sysfs and perf mode When trying to run perf and sysfs mode simultaneously, the WARNON in tmcetrenablehw is triggered sometimes: WARNING: CPU: 42 PID: 3911571 at...

CVE-2026-46270

In the Linux kernel, CVE-2026-46270 (rt9455) is a use-after-free race in the power_supply_changed() path of the power supply driver. The issue arises when IRQs are requested using the devm_ variant before the devm_ allocated/freed power_supply handle, causing the handle to be deallocated/unregist...

CVE-2026-46258 gpio: cdev: Avoid NULL dereference in linehandle_create()

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandlecreate In linehandlecreate, there is a statement like this: retainandnullptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the cras...