Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.10-2026-120 (ALASKERNEL-5.10-2026-120)

The version of kernel installed on the remote host is prior to 5.10.255-253.1008. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.10-2026-120 advisory. In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in...

Linux Distros Unpatched Vulnerability : CVE-2026-46079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rbd: fix null-ptr-deref when deviceadddisk fails dorbdadd publishes the device with deviceadd before calling deviceadddisk. If deviceadddisk fails after devicea...

Linux Distros Unpatched Vulnerability : CVE-2022-29582

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel before 5.17.3, fs/iouring.c has a use-after-free due to a race condition in iouring timeouts. This can be triggered by a local user who has ...

Linux Distros Unpatched Vulnerability : CVE-2026-46086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bridge: use a stable FDB dst snapshot in RCU readers Local FDB entries can be rewritten in place by fdbdeletelocal, which updates f-dst to another port or ...

Linux Distros Unpatched Vulnerability : CVE-2026-46095

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - md/md-llbitmap: raise barrier before state machine transition Move the barrier raise operation before calling llbitmapstatemachine in both llbitmapstartwrite an...

Linux Distros Unpatched Vulnerability : CVE-2026-46084

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/manaib: Disable RX steering on RSS QP destroy When an RSS QP is destroyed e.g. DPDK exit, manaibdestroyqprss destroys the RX WQ objects but does not disabl...

PT-2026-43958

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the ALSA loopback driver. The loopback check format function may stop the capture side when playback starts with parameters that do not match a runni...

PT-2026-43889

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description An out-of-bounds MMIO Memory Mapped I/O read exists in the ibmasm handle mouse interrupt function. This occurs when the queue reader or writer index from the hardware exceeds REMOTE QUEUE...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of checking the InSync flag when reading bitmap pages. This vulnerability may lead to th...

Linux Distros Unpatched Vulnerability : CVE-2022-36123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol .bss. This allows Xen PV guest OS users to cause a denial of servi...

Linux Distros Unpatched Vulnerability : CVE-2026-46089

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - zram: do not forget to endio for partial discard requests As reported by Qu Wenruo and Avinesh Kumar, the following getconf PAGESIZE 65536 blkdiscard -p 4k...

Linux Distros Unpatched Vulnerability : CVE-2026-45958

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/exynos: vidi: fix to avoid directly dereferencing user pointer In vidiconnectionioctl, vidi-ediduser pointer is directly dereferenced in the kernel. This...

PT-2026-43970

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the stream parser when it is aborted, such as after a message assembly timeout. The strp abort strp function fails to release the reference to a partially assembl...

PT-2026-43948

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory corruption issue exists in the Linux kernel crypto acomp component. The function acomp save req incorrectly stores the address of the chain member &req-chain in req-base.data...

PT-2026-43897

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A memory leak occurs in the EDAC/versalnet component within the mc probe function. The of parse phandle function returns a device node reference that requires release via of node put. The...

PT-2026-43886

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 7.0.11-1.1 Description A memory leak occurs in the atmel-aes crypto component. The atmel aes buff init function allocates 4 pages of memory using get free pages with ATMEL AES BUFFER ORDER, but the atmel aes buff...

PT-2026-43904

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A flaw exists in the IPv4 ICMP implementation where the system fails to validate the reply type before accessing the icmp...

PT-2026-43862

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A use-after-free issue exists in the io uring/zcrx component. The function io free rbuf ring utilizes a struct user struct, but io zcrx ifq free releases this structure before the ring i...

PT-2026-43859

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the ALSA caiaq component. The error handling path for the setup card function fails to kill the internal URB cdev-ep1 in urb if it was submitted before the error...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the ALSA aloop driver’s failure to properly handle the UAF issue during format changes, leading t...