MiracleLinux 8 : kernel-4.18.0-553.126.1.el8_10 (AXSA:2026-751:40)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-751:40 advisory. kernel: Bluetooth: MGMT: Fix possible UAFs CVE-2025-39981 kernel: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr CVE-2025-681...

Oracle Linux 8 : kernel (ELSA-2026-21706)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-21706 advisory. - smb: client: validate the whole DACL before rewriting it in cifsacl Paulo Alcantara RHEL-172815 CVE-2026-31709 - netfilter: xttcpmss: check remainin...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2195-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2195-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...

PT-2026-46027

In the Linux kernel, the following vulnerability has been resolved: drm/xe/pf: Fix sysfs initialization In case of devm add action or reset failure the provided cleanup action will be run immediately on the not yet initialized kobject. This may lead to errors like: kobject: 'null' ff110001393608e...

PT-2026-46021

In the Linux kernel, the following vulnerability has been resolved: gpio: cdev: Avoid NULL dereference in linehandle create In linehandle create, there is a statement like this: retain and null ptrlh; Soon after, there is a debug printout that dereferences "lh", which will crash things. Avoid the...

PT-2026-46093

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL UID or KERNEL GID value. The featu...

PT-2026-46033

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the rt9455 power supply driver. The problem occurs because the interrupt request IRQ is requested before the power supply handle is allocated and...

PT-2026-46124

Summary Jupyter Enterprise Gateway has a prohibited UID and GID feature that by default prevents launching kernels with UID or GID 0 root. This can be bypassed. It is possible to launch kernels with a prohibited UID and/or GID by using a specially crafted KERNEL UID or KERNEL GID value. The featu...

Linux Distros Unpatched Vulnerability : CVE-2026-46249

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix PF driver crash with kexec kernel booting During a kexec reboot the hardwa...

PT-2026-46011

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the ath12k wifi driver where a stale link mapping is retained in ahvif-links map. This occurs when an arvif is initialized in non-AP STA mode but MLO connection...

CVE-2026-36602

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

Linux Distros Unpatched Vulnerability : CVE-2026-45979

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: clean up the amdgpucsparserbos In low memory conditions, kmalloc can fail. In su...

Linux Distros Unpatched Vulnerability : CVE-2026-46035

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/pagealloc: return NULL early from allocfrozenpagesnolock in NMI on UP On UP kernels !CONFIGSMP, spintrylock is a no-op that unconditionally succeeds even whe...

Linux Distros Unpatched Vulnerability : CVE-2025-71309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now...

PT-2026-46008

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A null pointer dereference exists in the AMD display Hot Plug Detect HPD initialization. The function amdgpu dm hpd init may encounter connectors that lack a valid dc link. While the cod...

PT-2026-46009

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the pm8916 lbc supply driver. The problem occurs because the interrupt request IRQ is requested before the extcon handle is allocated using devm variants...

PT-2026-46029

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the handling of RAW sockets using the IPPROTO RAW protocol. A malicious incoming ICMP packet can have its protocol field set to 255, allowing it to match a socket...

Linux Distros Unpatched Vulnerability : CVE-2026-46253

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistentramsaveold persistentramsaveold can be called...

PT-2026-46016

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: fix buffer overflow in persistent ram save old persistent ram save old can be called multiple times for the same persistent ram zone e.g., via ramoops pstore read - ramoops get next prz for PSTORE TYPE DMESG records...

PT-2026-46015

In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix locking in regulator resolve supply error path If late enabling of a supply regulator fails in regulator resolve supply, the code currently triggers a lockdep warning: WARNING: drivers/regulator/core.c:2649 a...