SUSE-SU-2026:1573-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2025-39998: scsi: target: targetcoreconfigfs: Add length check to avoid buffer overflow bsc1252073. - CVE-2025-68794: iomap: adjust read range correctly for...

openSUSE 16 Security Update : kernel (openSUSE-SU-2026:20572-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20572-1 advisory. The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2025-39998: scs...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011120)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011120 advisory. In the Linux kernel, the following vulnerability has been resolved: pstore: Avoid kcore oops by vmaping with VMIOREMAP An oops can be induced by running 'cat...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005738)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005738 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-005689)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005689 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowin...

SUSE CVE-2026-23035

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to mlx5edestroynetdev to guarantee it will work on a valid netdev. On...

EUVD-2026-5055

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

AZL-78476 CVE-2026-22996 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't store mlx5epriv in mlx5edev devlink priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails, mlx5epriv in mlx5edev devlink private is used to reference the netdev and mdev associate...

Azure Linux 3.0 Security Update: kernel (CVE-2025-37765)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37765 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttmbodelayeddele...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992861)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992861 advisory. In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-Switch, Fix an Oops in error handling code The error handling dereferences vport. The...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993038)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993038 advisory. In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of ...

CVE-2023-54263 drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hpdirqlock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-991186)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991186 advisory. In the Linux kernel, the following vulnerability has been resolved: cifs: Fix oops due to uncleared server-smbdconn in reconnect In smbddestroy, clear the...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

EUVD-2023-60099

In the Linux kernel, the following vulnerability has been resolved: clk: clocking-wizard: Fix Oops in clkwzrdregisterdivider Smatch detected this potential error pointer dereference clkwzrdregisterdivider. If devmclkhwregister fails then it sets "hw" to an error pointer and then dereferences it o...

EUVD-2025-124932

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: No support of struct argument in trampoline programs The current implementation does not support struct argument. This causes a oops when running bpf selftest: $ ./testprogs -a tracingstruct Oops1: CPU -1 Unable t...

EUVD-2023-60043

Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting XSS via the Bulk Modifications tool. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

EUVD-2025-13201

Malicious code in bioql PyPI...

DEBIAN-CVE-2023-53431

In the Linux kernel, the following vulnerability has been resolved: scsi: ses: Handle enclosure with just a primary component gracefully This reverts commit 3fe97ff3d949 "scsi: ses: Don't attach if enclosure has no components" and introduces proper handling of case where there are no detected...

CVE-2023-53400 ALSA: hda: Fix Oops by 9.1 surround channel names

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: Fix Oops by 9.1 surround channel names getlineoutpfx may trigger an Oops by overflowing the static array with more than 8 channels. This was reported for MacBookPro 12,1 with Cirrus codec. As a workaround, extend for t...