Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50318)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50318 advisory. - net/tls: fix use-after-free in -EBUSY error path of tlsdoencryption Muhammad Alifa Ramdhan Orabug: 39543209 CVE-2026-31533 - net: fix fanout UAF...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: mptcp: fixed data races related to remoteid. Similar to the previous patch, this issue was addressed by dealing with the data race on remoteid, by adding appropriate ONCE annotations...

CVE-2026-43029

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lockup in mptcprecvmsg syzbot reported a soft lockup in mptcprecvmsg 0. When receiving data with MSGPEEK | MSGWAITALL flags, the skb is not removed from the skreceivequeue. This causes skwaitdata to always find...

SUSE-SU-2026:0317-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. - CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. - CVE-2023-53254:...

SUSE SLES15 Security Update : kernel (Live Patch 6 for SUSE Linux Enterprise 15 SP6) (SUSE-SU-2025:4261-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4261-1 advisory. This update for the SUSE Linux Enterprise kernel 6.4.0-150600.23.30 fixes various security issues The following security issues were fixed: -...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: dma-buf/dma-resv: check if the new fence is really later CVE-2022-49935 In the Linux kernel, the following vulnerability has been resolved: cifs: fix small mempool leak in SMB2negotiate CVE-2022-49938 In the Linux...

Linux Distros Unpatched Vulnerability : CVE-2021-47590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix deadlock in mptcppushpending mptcppushpending may call mptcpflushjoinlist with...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2025-079)

The version of kernel installed on the remote host is prior to 5.15.182-123.190. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2025-079 advisory. In the Linux kernel, the following vulnerability has been resolved: media: streamzap: fix race between...

SUSE-SU-2025:20354-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-28956: x86/ibt: Keep IBT disabled during alternative patching bsc1242006. - CVE-2024-35840: mptcp: use OPTIONMPTCPMPJSYNACK in subflowfinishconne...

Security update for kernel-livepatch-MICRO-6-0-RT_Update_3

This update for kernel-livepatch-MICRO-6-0-RTUpdate3 fixes the following issues: CVE-2024-45016: Fixed netem: fix return value if duplicate enqueue fails bsc1230998 CVE-2024-47684: Fixed tcp: check skb is non-NULL in tcprtodeltaus bsc1231993 CVE-2024-50302: Fixed HID: core: zero-initialize the...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

kernel security update

5.14.0-503.14.15.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

CVE-2024-45009

CVE-2024-45009 is a Linux kernel vulnerability in mptcp: pm where the add_addr_accepted counter could be decremented incorrectly during RM_ADDR/subflow removal, potentially leading to a UaF scenario if subflows are not fully established. The available connected advisories indicate concrete fixes ...

CVE-2021-47448

CVE-2021-47448 affects the Linux kernel MPTCP recvmsg path. If the caller uses MSG_WAITALL and insufficient data remains to satisfy the request, recvmsg can stall in an infinite loop because mptcp_wait_data() detects MPTCP_DATA_READY and never clears it in that code path. This can trigger an RCU ...

CVE-2021-47242 mptcp: fix soft lookup in subflow_error_report()

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix soft lookup in subflowerrorreport Maxim reported a soft lookup in subflowerrorreport: watchdog: BUG: soft lockup - CPU0 stuck for 22s! swapper/0:0 RIP: 0010:nativequeuedspinlockslowpath RSP: 0018:ffffa859c0003bc0 EFLAG...

CVE-2024-27404 mptcp: fix data races on remote_id

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data races on remoteid Similar to the previous patch, address the data race on remoteid, adding the suitable ONCE annotations...

CVE-2024-26826 mptcp: fix data re-injection from stale subflow

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data re-injection from stale subflow When the MPTCP PM detects that a subflow is stale, all the packet scheduler must re-inject all the mptcp-level unacked data. To avoid acquiring unneeded locks, it first try to check...

CVE-2024-26781 mptcp: fix possible deadlock in subflow diag

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible deadlock in subflow diag Syzbot and Eric reported a lockdep splat in the subflow diag: WARNING: possible circular locking dependency detected 6.8.0-rc4-syzkaller-00212-g40b9385dd8e6 0 Not tainted...