UBUNTU-CVE-2026-46236

In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

CVE-2026-46236

In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

EUVD-2026-32754

In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

CVE-2026-46091 media: rc: igorplugusb: heed coherency rules

In the Linux kernel, the following vulnerability has been resolved: media: rc: igorplugusb: heed coherency rules In a control request, the USB request structure can be subject to DMA on some HCs. Hence it must obey the rules for DMA coherency. Allocate it separately...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007261)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007261 advisory. In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires...

Oracle Linux 7 : kernel (ELSA-2026-3685)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3685 advisory. - ext4: fix use-after-free in ext4orphancleanup CVE-2022-50673 Orabug: 39036029 - Squashfs: check return result of sbminblocksize CVE-2025-38415 Orabug...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syst...

RLSA-2026:0443 Important: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003990)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003990 advisory. In the Linux kernel before 5.1.6, there is a use-after-free in serialirinitmodule in drivers/media/rc/serialir.c. Tenable has extracted the preceding description blo...

Oracle Linux 8 : kernel (ELSA-2026-0444)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0444 advisory. - libceph: fix potential use-after-free in havemonandosdmap CKI Backport Bot RHEL-137395 CVE-2025-68285 - media: rc: fix races with imondisconnect Kate...

kernel: media: rc: fix races with imon_disconnect()

A use-after-free flaw exists in the Linux kernel’s media/rc subsystem. When the device is disconnected via imondisconnect, the driver may unconditionally release a usbdevice reference via usbputdev even while other operations such as vfdwrite, sendpacket, displayopen, lcdwrite are still in...

CVE-2025-39993

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

EUVD-2025-34580

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

UBUNTU-CVE-2025-39993

In the Linux kernel, the following vulnerability has been resolved: media: rc: fix races with imondisconnect Syzbot reports a KASAN issue as below: BUG: KASAN: use-after-free in createpipe include/linux/usb.h:1945 inline BUG: KASAN: use-after-free in sendpacket+0xa2d/0xbc0...

DEBIAN-CVE-2023-52642

In the Linux kernel, the following vulnerability has been resolved: media: rc: bpf attach/detach requires write permission Note that bpf attach/detach also requires CAPNETADMIN...

Unbreakable Enterprise kernel security update

4.1.12-124.76.2 - firewire: fix potential uaf in outboundphypacketcallback Chengfeng Ye Orabug: 35493606 CVE-2023-3159 - ath9k: fix use-after-free in ath9khifusbrxcb Pavel Skripkin Orabug: 35448003 CVE-2022-1679 - dm ioctl: fix nested locking in tableclear to remove deadlock concern Mike Snitzer...