USN-8344-2: pip regression

USN-8344-1 fixed vulnerabilities in pip. On Ubuntu 22.04 LTS, Ubuntu 24.04 LTS, and Ubuntu 26.04 LTS the patches for CVE-2025-66471 caused a regression when using pip. The patches for CVE-2025-66471 have been temporarily reverted pending investigation. We apologize for the inconvenience. Original...

CVE-2026-45914

In the Linux kernel, the following vulnerability has been resolved: Revert "hwmon: ibmpex fix use-after-free in high/low store" This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch does not completely fix the reported problem, that it in fact...

Linux Distros Unpatched Vulnerability : CVE-2026-45914

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert hwmon: ibmpex fix use-after-free in high/low store This reverts commit 6946c726c3f4c36f0f049e6f97e88c510b15f65d. Jean Delvare points out that the patch...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Treat platformmax consistently as a control value. This change reverts to commit 9bdd10d57a88 “ASoC: ops: Shifted test values in sndsocputvolsw by +min”, and includes some additional related updates. There are two ways...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ata: patamacio: Fix DMA table overflow Kolbjørn and Jonáš reported that their 32-bit PowerMacs were crashing in pata-macio since commit 09fe2bfa6b83 "ata: patamacio: Fix maxsegmentsize with PAGESIZE == 64K". For example: kernel B...

EUVD-2026-9404

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...

CVE-2026-23232

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...

UBUNTU-CVE-2026-23232

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: block cache/dio write during f2fsenablecheckpoint" This reverts commit 196c81fdd438f7ac429d5639090a9816abb9760a. Original patch may cause below deadlock, revert it. write remount - writebegin - lockpage --- lock A -...

SUSE CVE-2023-54197

In the Linux kernel, the following vulnerability has been resolved: Revert "Bluetooth: btsdio: fix use after free bug in btsdioremove due to unfinished work" This reverts commit 1e9ac114c4428fdb7ff4635b45d4f46017e8916f. This patch introduces a possible null-ptr-def problem. Revert it. And the fix...

UBUNTU-CVE-2023-54217

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

CVE-2023-54217 Revert "drm/msm: Add missing check and destroy for alloc_ordered_workqueue"

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

CVE-2023-54197

CVE-2023-54197: In the Linux kernel, a Bluetooth btsdio use-after-free issue was introduced by reverting a patch; this reversion potentially causes a NULL pointer dereference. The vulnerability is described as resolved by a later commit that fixes the race condition in btsdio_remove.

CVE-2025-68179 s390: Disable ARCH_WANT_OPTIMIZE_HUGETLB_VMEMMAP

In the Linux kernel, the following vulnerability has been resolved: s390: Disable ARCHWANTOPTIMIZEHUGETLBVMEMMAP As reported by Luiz Capitulino enabling HVO on s390 leads to reproducible crashes. The problem is that kernel page tables are modified without flushing corresponding TLB entries. Even ...

Linux Distros Unpatched Vulnerability : CVE-2023-53763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Revert f2fs: fix to do sanity check on extent cache correctly syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 ind...

CVE-2023-53763

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type 'le32923' aka 'unsigned int923' Ca...

CVE-2023-53763

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type 'le32923' aka 'unsigned int923' Ca...

PT-2025-49493

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type ' le32923' aka 'unsigned int923'...

Linux Distros Unpatched Vulnerability : CVE-2025-40316

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/mediatek: Fix device use-after-free on unbind A recent change fixed device reference leaks when looking up drm platform device driver data during bind but...

EUVD-2025-150382

In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in ...

DEBIAN-CVE-2025-40192

In the Linux kernel, the following vulnerability has been resolved: Revert "ipmi: fix msg stack when IPMI is disconnected" This reverts commit c608966f3f9c2dca596967501d00753282b395fc. This patch has a subtle bug that can cause the IPMI driver to go into an infinite loop if the BMC misbehaves in ...