CVE-2023-53811 RDMA/irdma: Cap MSIX used to online CPUs + 1

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Cap MSIX used to online CPUs + 1 The irdma driver can use a maximum number of msix vectors equal to numonlinecpus + 1 and the kernel warning stack below is shown if that number is exceeded. The kernel throws a warning...

DEBIAN-CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

CVE-2023-53751

CVE-2023-53751 affects the Linux kernel CIFS code: TCP_Server_Info::hostname may be updated during reconnect, and access wasn’t properly protected outside the reconnect path, enabling a use-after-free and potential memory corruption. The connected advisories indicate kernel security updates (RHSA...

CVE-2022-50626

In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: fix memory leak in dvbusbadapterinit Syzbot reports a memory leak in "dvbusbadapterinit". The leak is due to not accounting for and freeing current iteration's adapter-priv in case of an error. Currently if an err...

TencentOS Server 4: kernel (TSSA-2025:0349)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0349 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Siemens SIMATIC S7-1500 Improper Resource Locking (CVE-2024-26679)

In the Linux kernel, the following vulnerability has been resolved: inet: read sk-skfamily once in inetrecverror This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

kernel: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result()

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in cfg80211connectresult If the ssid-datalen is more than IEEE80211MAXSSIDLEN 32 it would lead to memory corruption so add some bounds checking...

CVE-2025-40116 usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup

In the Linux kernel, the following vulnerability has been resolved: usb: host: max3421-hcd: Fix error pointer dereference in probe cleanup The kthreadrun function returns error pointers so the max3421hcd-spithread pointer can be either error pointers or NULL. Check for both before dereferencing i...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990422)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990422 advisory. In the Linux kernel, the following vulnerability has been resolved: md/raid5: fix deadlock that raid5d wait for itself to clear MDSBCHANGEPENDING Xiao reported that...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990268)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990268 advisory. In the Linux kernel, the following vulnerability has been resolved: powerpc/prominit: Fixup missing powermac size-cells On some powermacs escc nodes are missing...

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: f2fs: fixed the issue where foreground garbage collection might be triggered during f2fsmapblocks in lfs mode. The issue occurs when the “mode=lfs” mount option is used; this can cause a system panic. ------------ Cut here...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: net: gso: It is now forbidden to perform IPv6 TSO with extensions on devices that only have IPV6CSUM available. When performing Generic Segmentation Offload GSO on an IPv6 packet that contains extension headers, the kernel...

Astra Linux – Vulnerability found in Linux 6.12, Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: hisiaccvfiopci: fixed the XQE DMA address error. The DMA addresses of EQE and AEQE are incorrect after migration, resulting in failures in the guest kernel-mode encryption services. By comparing the definitions of hardware...

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: arm64/ptrace: Fix stack-out-of-bounds read in regsgetkernelstacknth KASAN reports a stack-out-of-bounds read in regsgetkernelstacknth. Call Trace: 97.283505 BUG: KASAN: stack-out-of-bounds in regsgetkernelstacknth+0xa8/0xc8...

CVE-2025-40086

CVE-2025-40086 affects the Linux kernel DRM XE path. An array of VM binds could evict other buffer objects (BOs) within the same VM, potentially causing NULL pointer dereferences in the bind pipeline. The fix clears the allow_res_evict flag in xe_bo_validate (and there was a follow‑up commit that...

EUVD-2025-36664

In the Linux kernel, the following vulnerability has been resolved: ksmbd: transportipc: validate payload size before reading handle handleresponse dereferences the payload as a 4-byte handle without verifying that the declared payload size is at least 4 bytes. A malformed or truncated message fr...

CVE-2025-40085 ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix NULL pointer deference in trytoregistercard In trytoregistercard, the return value of usbifnumtoif is passed directly to usbinterfaceclaimed without a NULL check, which will lead to a NULL pointer dereference...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Out-of-bounds Read (CVE-2024-46743)

In the Linux kernel, the following vulnerability has been resolved: of/irq: Prevent device address out-of-bounds read in interrupt map walk. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

Siemens SIMATIC, SCALANCE and RUGGEDCOM Devices Out-of-bounds Read (CVE-2024-50301)

In the Linux kernel, the following vulnerability has been resolved: security/keys: fix slab-out-of-bounds in keytaskpermission. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...

UBUNTU-CVE-2025-40038

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Skip fastpath emulation on VM-Exit if next RIP isn't valid Skip the WRMSR and HLT fastpaths in SVM's VM-Exit handler if the next RIP isn't valid, e.g. because KVM is running with nrips=false. SVM must decode and emulate...