CVE-2026-45904

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...

CVE-2026-6341 Incomplete group locking implementation

Mattermost Plugins versions =11.5 11.1.5 10.13.11 11.3.4.0 fail to have API-level checks on which groups the user can create issues or attach comments to which allows a user that is member of multiple groups to create issues to a locked group via direct API requests. Mattermost Advisory ID:...

PT-2026-39084

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the usb gadget f ncm component where the ncm set alt function holds a mutex to prevent races with configfs. This action invokes a sleeping function within an atomic...

Linux Distros Unpatched Vulnerability : CVE-2026-43319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - spi: spidev: fix lock inversion between spilock and buflock The spidev driver previously used two mutexes, spilock and buflock, but acquired them in different...

CVE-2026-43143

A flaw was found in the Linux kernel's multi-function device mfd core module. The mfdofnodelist lacked proper locking mechanisms, allowing for unsafe manipulation of the list. This concurrency issue could lead to system crashes, resulting in a Denial of Service DoS...

Linux Distros Unpatched Vulnerability : CVE-2026-43116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - netfilter: ctnetlink: ensure safe access to master conntrack Holding reference on the expectation is not sufficient, the master conntrack object can just go awa...

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw exists in the processing of SMB2TREEDISCONNECT commands. The issue arises due to the lack of proper locking when performing operations on an object. An attacker can exploit...

Astra Linux – Vulnerability in Linux 5.15

A flaw was discovered in the ksmbd component of the Linux kernel, a high-performance in-kernel SMB server. The specific flaw occurs during the processing of SMB2SESSIONSETUP and SMB2LOGOFF commands. The issue arises due to the lack of proper locking when performing operations on an object. An...

CVE-2026-23045 net/ena: fix missing lock when update devlink params

In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devlparamdriverinitvalueset in ena. WARNING: net/devlink/core.c:261 at devlassertlocked+0x62/0x90, CPU0: kworker/0:0/9 CPU: 0 UID: 0 PID: ...

ROS-20260120-7319

Vulnerability in kernel-lt related to incorrect resource locking. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 3 : kernel-2.6.18-348.5.AXS3 (AXSA:2013-550:05)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-550:05 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

Linux Distros Unpatched Vulnerability : CVE-2025-71126

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at...

ROS-20260112-7331

A vulnerability in the ext4xattrsetentry function of the fs/ext4/xattr.c module of the Ext4 file system of the Linux kernel is related to insufficient locking of a resource. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2022-26356

Racy interactions between dirty vram tracking and paging log dirty hypercalls Activation of log dirty mode done by XENDMOPtrackdirtyvram was named HVMOPtrackdirtyvram before Xen 4.9 is racy with ongoing log dirty hypercalls. A suitably timed call to XENDMOPtrackdirtyvram can enable log dirty whil...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000512)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000512 advisory. In the Linux kernel, the following vulnerability has been resolved: locking/qrwlock: Fix ordering in queuedwritelockslowpath While this code is executed with the...

Linux Distros Unpatched Vulnerability : CVE-2023-54164

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: ISO: fix isoconn related locking and validity issues sk-skstate indicates whether isopisk-conn is valid. Operations that check/update skstate and...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992282)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992282 advisory. In the Linux kernel, the following vulnerability has been resolved: USB: core: Prevent nested device-reset calls Automatic kernel fuzzing revealed a recursive lockin...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from /proc/net/icmp using an incorrect locking mechanism that could lead to null pointer dereferencing...

PT-2025-52998

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists when removing provided buffers in the io uring functionality. Specifically, io buffer structs are not properly disposed of, leading to a memory leak. These structs a...

CVE-2025-40219

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...