SUSE-SU-2026:21845-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...

Ubuntu Pro FIPS-updates 24.04 LTS : Linux kernel (FIPS) vulnerabilities (USN-8296-1)

The remote Ubuntu Pro FIPS-updates 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8296-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: ftrace: Fixed a use-after-free issue for dynamic ftraceops. KASAN reported a use-after-free with ftrace ops 1. It was discovered that perf had registered two ops with the same content, both being dynamic. After unregistering t...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure that the swevent hrtimer is properly destroyed. With the change to hrtimertrytocancel in perfsweventcancelhrtimer, it appears that the hrtimer may still be active by the time the event is freed. Make sure that the...

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: Tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer, which triggers the...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerabilities have been resolved: perf/x86/amd/uncore: Fixed a memory leak related to the events array. When a CPU comes online, the per-CPU NB and LLC uncore contexts are freed, but the events array within the context structure is not freed. This causes a...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Limit the period on Haswell Running the ltp test cve-2015-3290 concurrently reports the following warnings. perfevents: irq loop stuck! WARNING: CPU: 31 PID: 32438 at arch/x86/events/intel/core.c:3174...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: perf: Avoid undefined behavior from stopping/starting inactive events Calling pmu-start/stop on perf events in PERFEVENTSTATEOFF can leave event-hw.idx at -1. When PMU drivers later attempt to use this negative index as a shift...

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix data race between perfeventsetoutput and perfmmapclose Yang Jihing reported a race between perfeventsetoutput and perfmmapclose: CPU1 CPU2 perfmmapclosee2 if atomicdecandtest&e2-rb-mmapcount // 1 - 0 detachrest =...

SUSE-SU-2026:21255-1 Security update for the Linux Kernel

The SUSE Linux Micro RT 6.0 and 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2024-38542: RDMA/manaib: boundary check before installing cq callbacks bsc1226591. - CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in efivarfsdcompare bsc124999...

SUSE-SU-2026:21123-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2024-38542: RDMA/manaib: boundary check before installing cq callbacks bsc1226591. - CVE-2025-39817: efivarfs: Fix slab-out-of-bounds in...

EUVD-2026-18675

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Move event pointer setup earlier in x86pmuenable A production AMD EPYC system crashed with a NULL pointer dereference in the PMU NMI handler: BUG: kernel NULL pointer dereference, address: 0000000000000198 RIP:...

CVE-2026-23271

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perfeventoverflow vs perfremovefromcontext race Make sure that perfeventoverflow runs with IRQs disabled for all possible callchains. Specifically the software events can end up running it with only preemption disabled...

CVE-2026-23127

In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event-mmapcount increment When calling refcountinc&event-;mmapcount inside perfmmaprb, the following warning is triggered: refcountt: addition on 0; use-after-free. WARNING: lib/refcount.c:25 PoC:...

UBUNTU-CVE-2026-23014

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

MiracleLinux 8 : kernel-4.18.0-477.21.1.el8_8 (AXSA:2023-6359:23)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6359:23 advisory. kernel: use-after-free in l2capconnect and l2capleconnectreq in net/bluetooth/l2capcore.c CVE-2022-42896 kernel: tcindex: use-after-free vulnerabili...

SUSE CVE-2025-71125

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...

SUSE CVE-2025-68798

In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd: Check event before enable to avoid GPF On AMD machines cpuc-eventsidx can become NULL in a subtle race condition with NMI-throttle-x86pmustop. Check event for NULL in amdpmuenableall before enable to avoid a GPF. Th...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002044)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002044 advisory. arch/arm64/kernel/perfevent.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service invalid pointer...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003479)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003479 advisory. Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent...