EUVD-2026-38857

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

kernel security, bug fix, and enhancement update

An update is available for kernel. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The kernel packages contain the Linux kernel, the core of any Linux operating...

RockyLinux 8 : kernel (RLSA-2026:27353)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27353 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

RockyLinux 8 : kernel-rt (RLSA-2026:27354)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27354 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

Important: kernel-rt security, bug fix, and enhancement update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip...

Siemens RUGGEDCOM RST2428P Improper Input Validation (CVE-2026-23112)

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmettcpbuildpduiovec nvmettcpbuildpduiovec could walk past cmd-req.sg when a PDU length or offset exceeds sgcnt and then use bogus sg-length/offset values, leading to copytoiter GPF/KASAN. Guard...

SUSE CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

Linux Distros Unpatched Vulnerability : CVE-2026-46135

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp...

CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

CVE-2026-46135

CVE-2026-46135 affects the Linux kernel nvmet-tcp (NVMe over TCP). A race between ICReq handling and target‑side queue teardown can transition queue state in a non‑serialized way, potentially allowing a second teardown path and a re‑entry after a disconnect, including a possible double free scena...

CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a race condition in the handling of ICReq requests and queue removal in nvmet-tcp. This...

PT-2026-44258

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the nvmet-tcp module between the handling of Initialization Connection Requests ICReq and queue teardown. The function nvmet tcp handle icreq updates the...

Astra Linux - уязвимость в linux

In the Linux kernel, the following vulnerabilities have been resolved: nvmet-tcp: fixed incorrect locking in the statechange sk callback We are not changing anything in the TCP connection state, so we should not use a writelock but rather a read lock. This caused a deadlock when running nvmet-tcp...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: added a bounds check on the Transfer Tag. The ttag is used as an index to retrieve the cmd in nvmettcphandleh2cdatapdu. A bounds check was added to prevent out-of-bounds access...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013604)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013604 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010990)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010990 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-005428)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005428 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005647)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005647 advisory. In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: don't restore null skstatechange queue-statechange is set as part of...

SUSE SLES12 Security Update : kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5) (SUSE-SU-2026:0710-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2026:0710-1 advisory. This update for the SUSE Linux Enterprise kernel 4.12.14-122.290 fixes one security issue The following security issue was fixed: - CVE-2022-50717:...