Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting

A flaw was found in the Linux kernel's device mapper dm component. When setting up zone append emulation resources, a race condition can occur if the blkrevalidatediskzones function fails while another process simultaneously calls dmblkreportzones. This timing issue can lead to a use-after-free...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2025-38321: smb: Log an error when closeallcacheddirs fails bsc1246328. CVE-2025-38728: smb3: fix for slab out of bounds on mount to ksmbd bsc1249256. CVE-2025-39890:...

RHEL 9 : kernel (RHSA-2026:1143)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:1143 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free i...

ALSA-2026:1143 Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in eventpoll CVE-2025-38349 kernel: drm/xe: Fix...

Important: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free in device mapper due to race condition in zone reporting CVE-2025-38141 kernel: Linux kernel use-after-free in eventpoll CVE-2025-38349 kernel: drm/xe: Fix...

SUSE SLES15 Security Update : kernel (SUSE-SU-2026:0278-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0278-1 advisory. The SUSE Linux Enterprise 15 SP7 RT kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-3832...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38063)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38063 advisory. - In the Linux kernel, the following vulnerability has been resolved: dm: fix unconditional IO throttle caused...

MiracleLinux 8 : device-mapper-multipath-0.8.4-37.el8 (AXSA:2023-5860:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5860:05 advisory. device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 Tenable has extracted the preceding...

MiracleLinux 8 : device-mapper-multipath-0.8.4-22.el8.2 (AXSA:2022-3923:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3923:05 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 9 : device-mapper-multipath-0.8.7-7.el9.1 (AXSA:2022-4131:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4131:06 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 7 : device-mapper-multipath-0.4.9-136.el7 (AXSA:2022-3922:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3922:04 advisory. device-mapper-multipath: Authorization bypass, multipathd daemon listens for client connections on an abstract Unix socket CVE-2022-41974 Tenable has extract...

MiracleLinux 8 : device-mapper-multipath-0.8.4-28.el8.1 (AXSA:2022-4432:08)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4432:08 advisory. device-mapper-multipath: Regression of CVE-2022-41974 fix in MIRACLE LINUX CVE-2022-3787 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : device-mapper-multipath-0.8.7-12.el9.1 (AXSA:2023-5087:02)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5087:02 advisory. device-mapper-multipath: Regression of CVE-2022-41974 fix in MIRACLE LINUX CVE-2022-3787 Tenable has extracted the preceding description block directly from...

MiracleLinux 9 : device-mapper-multipath-0.8.7-20.el9 (AXSA:2023-5420:04)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5420:04 advisory. device-mapper-multipath: multipathd: insecure handling of files in /dev/shm leading to symlink attack CVE-2022-41973 Tenable has extracted the preceding...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002705)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002705 advisory. The dmgetfromkobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service BUG by leveraging a race condition...

CVE-2025-71117

In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001767)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001767 advisory. dmtablecreate in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to in alloctargets allocate more than INTMAX bytes, and crash, because of a...

MiracleLinux 3 : device-mapper-multipath-0.4.7-23.2.1AXS3 (AXSA:2009-47:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-47:01 advisory. device-mapper-multipath provides tools to manage multipath devices by instructing the device-mapper multipath kernel module what to do. Fixed bugs: CVE-2009-01...

CVE-2025-15493

A flaw has been found in RainyGao DocSys up to 2.02.36. The impacted element is an unknown function of the file src/com/DocSystem/mapping/ReposAuthMapper.xml. Executing a manipulation of the argument searchWord can lead to sql injection. It is possible to launch the attack remotely. The exploit h...