310 matches found
CVE-2026-23439
The CVE-2026-23439 entry describes a Linux kernel issue in udp_tunnel where, if CONFIG_IPV6 is disabled, udp_sock_create6() can return success without creating a socket. This leads to a NULL pointer dereference when callers like fou_create() dereference the uninitialized socket pointer, causing a...
SUSE SLES15 Security Update : kernel (Live Patch 2 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1132-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1132-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.6 fixes various security issues The following security issues were fixed: -...
Important: kernel6.12
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix null-deref in aggdequeue CVE-2025-40083 In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak of qgrouplist in btrfsaddqgrouprelation CVE-2025-40209 In t...
Moderate: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
SUSE-SU-2026:20898-1 Security update for the Linux Kernel RT (Live Patch 12 for SUSE Linux Enterprise Micro 6.0)
This update for the SUSE Linux Enterprise Kernel 6.4.0-36.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...
SUSE-SU-2026:0944-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7 RT)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.25 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass...
EulerOS 2.0 SP12 : kernel (EulerOS-SA-2026-1366)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tcpbpf: Call skmsgfree when tcpbpfsendverdict fails to allocate psock-cork.CVE-2025-39913 md: fix rcu protection in mdwakeupthreadCVE-2025-68374...
RHEL 9 : kernel (RHSA-2026:2573)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2573 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: ath9khtc...
Azure Linux 3.0 Security Update: kernel (CVE-2025-38251)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38251 advisory. - In the Linux kernel, the following vulnerability has been resolved: atm: clip: prevent NULL deref in clippus...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix flag-dropping behavior in ksmmadvise CVE-2025-40040 In the Lin...
UBUNTU-CVE-2023-53987
In the Linux kernel, the following vulnerability has been resolved: ping: Fix potentail NULL deref for /proc/net/icmp. After commit dbca1596bbb0 "ping: convert to RCU lookups, get rid of rwlock", we use RCU for ping sockets, but we should use spinlock for /proc/net/icmp to avoid a potential NULL...
MGASA-2025-0330 Updated php packages fix security vulnerabilities
Opcache: - Reset global pointers to prevent use-after-free in zendjitstatus. PDO: - Fixed PDO quoting result null deref. Standard: - Fixed Null byte termination in dnsgetrecord - Heap buffer overflow in arraymerge - Information Leak of Memory in getimagesize...
Linux Distros Unpatched Vulnerability : CVE-2025-68298
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bluetooth: btusb: mediatek: Avoid btusbmtkclaimisointf NULL deref In btusbmtksetup, we set btmtkdata-isopktintf to: usbifnumtoifdata-udev, MTKISOIFNUM That...
OESA-2025-2802 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: nfc: nci: Fix uninit-value in ncirxwork syzbot reported the following uninit-value access issue 1 ncirxwork parses received packet from ndev-rxq. It should be...
Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-56661)
tipc: NULL deref in cleanupbearer. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504583; scriptversion"1.2";...
LSN-0116-1 Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989662)
"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989662 advisory. In the Linux kernel, the following vulnerability has been resolved: tipc: fix NULL deref in cleanupbearer syzbot found 1 that after blamed commit, ub-ubsock-sk was...
Important: kernel
Issue Overview: An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in dodivsz,mtd-erasesize, used indirectly by ctrlcdevioctl, when mtd-erasesize is 0. CVE-2023-31085 A flaw in the kernel Xen event handler can cause a deadlock with Xen conso...
Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987684)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987684 advisory. In the Linux kernel, the following vulnerability has been resolved: efi: fix potential NULL deref in efimemreservepersistent When iterating on a linked list, a resul...
Amazon Linux 2 : kernel, --advisory ALAS2-2025-3038 (ALAS-2025-3038)
The version of kernel installed on the remote host is prior to 4.14.355-280.698. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3038 advisory. In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in...