731 matches found
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: pagepool: Fix use-after-free in pagepoolrecycleinring CVE-2025-38129 In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a null-ptr access in the cursor snooper CVE-2025-40110 In th...
ROS-20260313-73-0020
A vulnerability in the nbdgenlconnect function of the nbd component of the Linux operating system kernel is related to the ability to use memory after it has been freed. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1280)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...
EulerOS 2.0 SP13 : kernel (EulerOS-SA-2026-1244)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : nvme: nvme-fc: Ensure -ioerrwork is cancelled in nvmefcdeletectrlCVE-2025-40261 cifs: fix session state check in reconnect to avoid use-after-free...
NewStart CGSL MAIN 6.06 (SP) : nbd Multiple Vulnerabilities (NS-SA-2026-0012)
The remote NewStart CGSL host, running version MAIN 6.06 SP, has nbd packages installed that are affected by multiple vulnerabilities: - In nbd-server in nbd before 3.24, there is a stack-based buffer overflow. An attacker can cause a buffer overflow in the parsing of the name field by sending a...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.15-2026-098 (ALASKERNEL-5.15-2026-098)
The version of kernel installed on the remote host is prior to 5.15.201-140.219. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2026-098 advisory. In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix undefined behavior in b...
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: nbd: restricts sockets to TCP and UDP Recently, syzbot began abusing NBD using various types of sockets. The commit cf1b2326b734 “nbd: verify that sockets are supported during setup” ensured that the socket supported a shutdown...
kernel: nbd: fix incomplete validation of ioctl arg
A flaw has been found in the Linux kernel’s NBD drivers.The issue stems from incomplete validation of IOCTL arguments passed to the NBD driver. Specifically, oversized or unchecked arguments may lead to a signed integer overflow in blockwritefullpage and misuse of argument values cast to int in...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2026-50118)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50118 advisory. - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501...
virt:ol and virt-devel:ol security and bug fix update
hivex libguestfs 1.44.0-9.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to ol 1:1.44.0-9 - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz2101280 1:1.44.0-8 -...
EulerOS Virtualization 2.10.1 : kernel (EulerOS-SA-2026-1123)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : cifs: Fix UAF in cifsdemultiplexthreadCVE-2023-52572 net: fix data-races around sk-skforwardallocCVE-2024-53124 quota: flush...
Azure Linux 3.0 Security Update: kernel (CVE-2024-49855)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49855 advisory. - In the Linux kernel, the following vulnerability has been resolved: nbd: fix race between timeout and normal...
MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2024-8876:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8876:01 advisory. QEMU: virtio: DMA reentrancy issue leads to double free vulnerability CVE-2024-3446 QEMU: Denial of Service via Improper Synchronization in QEMU NBD...
MiracleLinux 9 : qemu-kvm-9.0.0-10.el9 (AXSA:2024-9100:07)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9100:07 advisory. QEMU: SR-IOV: improper validation of NumVFs leads to buffer overflow CVE-2024-26327 QEMU: virtio: DMA reentrancy issue leads to double free...
ROS-20260119-7328
A vulnerability in the nbddisconnectandput function of the drivers/block/nbd.c module of the Linux kernel block device support driver is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an intruder to affect confidentiality, integrity and availability o...
CLSA-2026-1768663754 kernel: Fix of 38 CVEs
ALSA: usb-audio: Fix out-of-bounds read in sndusbgetaudioformatuac3 CVE-2025-38249 - drm/i915/gt: Fix timeline left held on VMA alloc error CVE-2025-38389 - md/raid1: Fix stack memory use after return in raid1reshape CVE-2025-38445 - atm: clip: Fix infinite recursive call of clippush...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-001418)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001418 advisory. nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after- free that could be triggered by local attackers with access to t...
MiracleLinux 8 : kernel-4.18.0-553.87.1.el8_10 (AXSA:2025-11512:96)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11512:96 advisory. kernel: nfsd: handle getclientlocked failure in nfsd4setclientidconfirm CVE-2025-38724 kernel: smb: client: fix race with concurrent opens in renam...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992311)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992311 advisory. In the Linux kernel, the following vulnerability has been resolved: nbd: Fix hung when signal interrupts nbdstartdeviceioctl syzbot reported hung task 1. The followi...
CVE-2025-68372
In the Linux kernel, the following vulnerability has been resolved: nbd: defer config put in recvwork There is one uaf issue in recvwork when running NBDCLEARSOCK and NBDCMDRECONFIGURE: nbdgenlconnect // confref=2 connect and recvwork A nbdopen // confref=3 recvwork A done // confref=2 NBDCLEARSO...