226370 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-46094
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ext4: fix bounds check in checkxattrs to prevent out-of-bounds access The bounds check for the next xattr entry in checkxattrs uses void next = end, which allow...
Linux Distros Unpatched Vulnerability : CVE-2026-45851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - efi: Fix reservation of unaccepted memory table The reserveunaccepted function incorrectly calculates the size of the memblock reservation for the unaccepted...
Debian dla-4607 : linux-config-6.1 - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4607 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4607-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2026-45847
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: remove WARNONONCE when accessing forward path array Although unlikely, recent support for IPIP tunnels increases chances of reaching this WARNONONCE if...
Linux Distros Unpatched Vulnerability : CVE-2026-45895
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - quota: fix livelock between quotactl and freezesuper When a filesystem is frozen, quotactlblock enters a retry loop waiting for the filesystem to thaw. It...
Linux Distros Unpatched Vulnerability : CVE-2026-46115
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - block: add pgmap check to biovecphysmergeable biovecphysmergeable is used by the request merge, DMA mapping, and integrity merge paths to decide if two physical...
Linux Distros Unpatched Vulnerability : CVE-2026-45872
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: smartpqi: Fix memory leak in pqireportphysluns pqireportphysluns fails to release the rpllist buffer when encountering an unsupported data format or when...
Linux Distros Unpatched Vulnerability : CVE-2026-45913
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bridge: mcast: always update mdbnentries for vlan contexts syzbot triggered a warning1 about the number of mdb entries in a context. It turned out that the...
Linux Distros Unpatched Vulnerability : CVE-2026-45898
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/iwcm: Fix workqueue list corruption by removing worklist The commit e1168f0 RDMA/iwcm: Simplify cmeventhandler changed the work submission logic to...
Linux Kernel - Local Privilege Escalation
Titles: Linux Kernel Local Privilege Escalation CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300 Author: nu11secur1ty Date: 2026-05-11 Vendor: Linux Kernel Software: Linux Kernel All major distributions Vulnerability Type: Page-Cache Write / Memory Corruption Status: HIGH / CRITICAL --- Descripti...
Security update for the Linux Kernel (important)
openSUSE security update: security update for the linux kernel ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20826-1 Rating: important References: bsc1215199 bsc1234634 bsc1241259 bsc1243603 bsc1248754 bsc1249104 bsc1250951 bsc1253471 bsc1254518...
CVE-2025-71304
A flaw was found in the Linux kernel's Smack module. A local user with privileges to modify Smack's Domain of Interpretation DOI values could cause a denial of service. By writing a previously used DOI value to /smack/doi, networking for non-ambient labels becomes disabled. This prevents network...
CVE-2025-71303
A flaw was found in the Linux kernel. Specifically, within the accel/amdxdna component, a timing issue, known as a race condition, exists during device power management. A local application could submit commands while the device is in an inconsistent state due to an incomplete resume operation...
CVE-2025-71307
A flaw was found in the Linux kernel's drm/panthor component. This vulnerability, a NULL pointer dereference, occurs during the firmware unplug process when the Microcontroller Unit MCU is in an unexpected state or its firmware is not initialized. This can lead to system instability or a denial o...
CVE-2025-71306
A flaw was found in the Linux kernel's Integrity Measurement Architecture IMA subsystem. This vulnerability involves a stack-out-of-bounds access within the imaappraisemeasurement function during the processing of bprmcreds for execution. An attacker could potentially trigger this flaw by causing...
CVE-2025-71309
A flaw was found in the Linux kernel's ntfs3 filesystem driver. An issue with incorrect lock ordering between the inode mutex and page locks during compressed frame reading can lead to a deadlock. This vulnerability allows a local attacker to cause a system to hang, resulting in a Denial of Servi...
CVE-2025-71308
A flaw was found in the Linux kernel's accel/amdxdna module. During error handling in the aie2createcontext function, the aiedestroycontext function can be called when a mailbox channel pointer is unexpectedly null. This can lead to a NULL pointer dereference, potentially causing a system crash a...
CVE-2025-71312
A flaw was found in the Linux kernel's NTFS3 file system driver. A local user could exploit this vulnerability by mounting a specially crafted file. This issue leads to a memory leak, a type of resource management error, which can cause system instability or a denial of service DoS by exhausting...
CVE-2025-71311
A flaw was found in the Linux kernel's fs/ntfs3 component. When new memory pages folios are allocated for the NTFS3 file system without being properly initialized, and a read operation is skipped, parts of these folios may contain uninitialized memory. This can lead to a memory corruption...
CVE-2026-46077
A flaw was found in the Linux kernel's atmel-tdes cryptographic module. This vulnerability arises from an incorrect DMA Direct Memory Access synchronization direction, which can cause the system to process outdated data from the cache on non-coherent platforms. The primary consequence is the...