PT-2026-43961

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the Linux kernel within the decay va pool node function. This function can be invoked concurrently by purge vmap area lazy during pool purging and by the...

PT-2026-43886

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A memory leak occurs in the atmel-aes crypto component. The atmel aes buff init function allocates 4 pages of memory using get free pages with ATMEL AES BUFFER ORDER, but the atmel aes buff...

PT-2026-43937

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the md/raid5 component where the functions r5c recovery analyze meta block and r5l recovery verify data...

PT-2026-43909

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description Memory leaks occur in the weighted interleave auto store function within the mm/mempolicy component. The issue arises because the old wi state is fetched only when the input is null. Thi...

PT-2026-43939

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The run unpack function in the ntfs3 driver fails to verify if the size size and offset size bytes read via run unpack s64 fit within the remaining buffer, despite checking run buf run...

PT-2026-43959

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A DMA coherency issue exists in the igorplugusb driver within the media subsystem. In a control request, the USB request...

PT-2026-43870

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description The nameserver in the Qualcomm Router qrtr network subsystem does not limit the number of nodes it handles. A malicious clie...

PT-2026-43880

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description An issue exists in the put folios cleanup path of the memfd luo retrieve folios function. The kho restore folio function...

PT-2026-43864

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference-count leak occurs in the SCSI subsystem. When the device add&disk dev function fails, put device triggers scsi disk release, which frees the scsi disk but fails to release th...

PT-2026-43859

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ALSA caiaq component. The error handling path for the setup card function fails to kill the internal URB cdev-ep1 in urb if it was submitted before the error...

PT-2026-43868

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description Two issues exist in the pt5161l read block data function within the hwmon component. First, a buffer overrun occurs because...

PT-2026-43872

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A resource leak exists in the xfs alloc buftarg function within the XFS file system. The issue occurs in the error path where the DAX Direct Access device reference is not properly...

PT-2026-43874

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description In the hwmon powerz component, a DMA buffer may share a cacheline with a mutex depending on the architecture. This cacheline...

PT-2026-43882

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An issue exists in the TCP implementation where the inet csk listen stop function migrates an established child socket from a closing listener to another socket within the same SO REUSEPORT...

PT-2026-43922

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A string buffer overrun occurs in the AppArmor module due to missing termination. This issue manifests as a slab-out-of-bounds read within the aa dfa match function, specifically when...

PT-2026-43960

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A crash occurs in the probing routine of the rtw88 driver when the 8821CE device is installed on a system where the device i...

Linux Distros Unpatched Vulnerability : CVE-2026-46099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: ipv6: fix NOREF dst use in seg6 and rpl lwtunnels seg6inputcore and rplinput call ip6routeinput which sets a NOREF dst on the skb, then pass it to...

UBUNTU-CVE-2026-46000

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix conn-level packet handling to unshare RESPONSE packets The security operations that verify the RESPONSE packets decrypt bits of it in place - however, the skbuff may be shared with a packet sniffer, which would lead to...

USN-8280-3: Linux kernel (IoT) vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...

USN-8280-3 linux-iot vulnerabilities

It was discovered that the Linux kernel algifaead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. CVE-2026-31431 Several security issues were discovered in th...