Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013005)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013005 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007489)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007489 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2026-50134)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50134 advisory. - xfrm: delete x-tunnel as we delete x Sabrina Dubroca Orabug: 39016501 CVE-2025-40215 - crypto: afalg - Fix incorrect boolean values in afalgctx...

Amazon Linux 2023 : bpftool6.12, kernel6.12, kernel6.12-devel (ALAS2023-2026-1430)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1430 advisory. In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has...

Important: kernel-livepatch-6.1.158-178.288

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields CVE-2025-40254 Affected Packages: kernel-livepatch-6.1.158-178.288 Issue Correction: Please ensure you have live patching enabled. Run dnf upda...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040 In the Lin...

CVE-2025-40254

Open vSwitch NSH Network Service Header field modification has been fundamentally broken since introduction. The setnsh... action reuses validation code designed for different memory layouts—masked sets double attribute sizes, but the validator doesn't account for this. Additionally, 'masked' and...

SUSE CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254

CVE-2025-40254 targets the Linux kernel openvswitch nsh field handling. The issue stems from incorrect validation of set(nsh(...)) due to a mismatched memory layout and confusing mask vs value flags, which can cause kernel NULL pointer dereferences or crashes during validation. The advisory notes...

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

PT-2025-49084

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4+ Description The Linux kernel contains a flaw in the Open vSwitch OVS component related to the handling of Network Service Header NSH fields within the setnsh... action. The validation process for this...