ND Booking < 2.5 - Unauthenticated Options Change

The Hotel Booking WordPress plugin ND Booking 2.5 was affected by an Unauthenticated Options Change security vulnerability. id: CVE-2019-15774 info: name: ND Booking 2.5 - Unauthenticated Options Change author: popcorn94 severity: medium description: | The Hotel Booking WordPress plugin ND Bookin...

CLSA-2026-1778769697 kernel: Fix of 31 CVEs

net: skbuff: propagate shared-frag marker through pskbcopy - HID: ignore non-functional sensor in HP 5MP Camera CVE-2025-21992 - net: fix crash when config small gsomaxsize/gsoipv4maxsize CVE-2024-50258 - ipv4: iptunnel: Fix suspicious RCU usage warning in iptunnelinitflow CVE-2024-53042 - ALSA:...

SUSE CVE-2026-43441

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If bonding...

EUVD-2026-28747

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If bonding...

CVE-2026-43441

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If bonding...

CVE-2026-43441 net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If bonding...

Linux Distros Unpatched Vulnerability : CVE-2026-43441

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: bonding: Fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6ini...

SUSE CVE-2026-31738

In the Linux kernel, the following vulnerability has been resolved: vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser advance beyond the computed option span or use a too-short source LLAD...

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root device power-management, deviceprepare, operations, and deviceshutdown operations for 'ndregion' devices: Chain exis...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: dax: Make sure that inodes are flushed before destroying the cache. A bug can be triggered by executing the following command: $ modprobe ndpmem && modprobe -r ndpmem The following error messages were recorded: 10.060014 BUG...

SUSE SLES15 : Recommended update for initial livepatch (SUSE-SU-2026:1643-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1643-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...

Linux Distros Unpatched Vulnerability : CVE-2026-31738

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vxlan: validate ND option lengths in vxlannacreate vxlannacreate walks ND options according to option-provided lengths. A malformed option can make the parser...

CVE-2026-31682

In the Linux kernel, the following vulnerability has been resolved: bridge: brndsend: linearize skb before parsing ND options brndsend parses neighbour discovery options from ns-opt and assumes that these options are in the linear part of request. Its callers only guarantee that the ICMPv6 header...

SUSE-SU-2026:1575-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. - CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. - CVE-2026-23243: RDMA/umad:...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2025-38234: sched/rt: Fix race in pushrttask bsc1246057. CVE-2026-23103: ipvlan: Make the addrslock be per port bsc1257773. CVE-2026-23243: RDMA/umad: Reject...

EUVD-2026-18780

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

net: vxlan: fix nd_tbl NULL dereference when IPv6 is disabled

...

SUSE CVE-2026-23381

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. Then, if...

CVE-2026-23293

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. If an IPv6...

CVE-2026-23381

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix ndtbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the ndtbl is never initialized because inet6init exits before ndiscinit is called which initializes it. Then, if...