EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1397)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...

MiracleLinux 3 : kernel-2.6.18-128.12AXS3 (AXSA:2009-411:13)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-411:13 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating system:...

EUVD-2009-2839

Malware in sbrugna...

CVE-2022-50381

In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempoolfree There's a crash in mempoolfree when running the lvm test shell/lvchange-rebuild-raid.sh. The reason for the crash is this: superwritten calls atomicdecandtest&mddev-;pendingwrites and...

Oracle Linux 7 : kernel (ELSA-2025-14748)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-14748 advisory. - kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 - kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove...

RHEL 7 : kernel-rt (RHSA-2025:14746)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14746 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

kernel: drivers:md:fix a potential use-after-free bug

A use-after-free bug exists in the linux kernel such that in the line "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines "if sh-batchhead && sh != sh-batchhead" resulting in a minor application crash...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

kernel: drivers:md:fix a potential use-after-free bug

A use-after-free bug exists in the linux kernel such that in the line "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines "if sh-batchhead && sh != sh-batchhead" resulting in a minor application crash...

RHEL 9 : kernel-rt (RHSA-2025:14094)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14094 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

RHEL 9 : kernel (RHSA-2025:14054)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:14054 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: padata: fix UAF in...

kernel: drivers:md:fix a potential use-after-free bug

A use-after-free bug exists in the linux kernel such that in the line "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines "if sh-batchhead && sh != sh-batchhead" resulting in a minor application crash...

CLSA-2025-1754553172 kernel: Fix of 17 CVEs

net: ch9200: fix uninitialised access during miinwayrestart CVE-2025-38086 - jbd2: fix assertion 'jh-bfrozendata == NULL' failure when journal aborted CVE-2022-50126 - kernfs: fix potential NULL dereference in kernfsremove CVE-2022-50148 - md-raid10: fix KASAN warning CVE-2022-50211 - xhci: Fix...

kernel: md: fix warning for holder mismatch from export_rdev()

A logic inconsistency was identified in the Linux kernel md multiple device driver involving the exportrdev function and associated block device holder bookkeeping. Under certain sequences where mddev-external is toggled, the code would use one holder claimrdev to get a block device but a differe...

UBUNTU-CVE-2024-26755

In the Linux kernel, the following vulnerability has been resolved: md: Don't suspend the array for interrupted reshape mdstartsync will suspend the array if there are spares that can be added or removed from conf, however, if reshape is still in progress, this won't happen at all or data will be...

CVE-2023-52429

A flaw was found in the md driver in the linux kernel. Due to a missing check for struct dmioctl.targetcount, dmtablecreate can attempt to allocate more bytes than intended, resulting in a crash...

kernel: drivers:md:fix a potential use-after-free bug

A use-after-free bug exists in the linux kernel such that in the line "raid5releasestripesh;" drops the reference to sh and may cause sh to be released. However, sh is subsequently used in lines "if sh-batchhead && sh != sh-batchhead" resulting in a minor application crash...

Debian: Security Advisory (DLA-310-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2777-1 linux-lts-utopic vulnerabilities

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 Benjamin Randazzo...

Ubuntu 15.04 : linux vulnerabilities (USN-2752-1)

Benjamin Randazzo discovered an information leak in the md multiple device driver when the bitmapinfo.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. CVE-2015-5697 Marc-Andre Lureau discovered that the vhost driver did not properly...