Linux Distros Unpatched Vulnerability : CVE-2026-31528

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf: Make sure to use pmuctx-pmu for groups Oliver reported that x86pmudel ended up doing an out- of-bound memory access when groupschedin fails and needs to...

Linux Distros Unpatched Vulnerability : CVE-2026-23014

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to stil...

Linux Distros Unpatched Vulnerability : CVE-2023-53583

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: perf: RISC-V: Remove PERFHESSTOPPED flag checking in riscvpmustart Since commit 096b52fd2bb4...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20520)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20520 advisory. - perf: Fix perfeventvalidatesize lockdep splat Mark Rutland Orabug: 36261485 CVE-2023-6931 - perf: Fix perfeventvalidatesize Peter Zijlstra Orabu...

Fedora 42 : golang-x-perf (2025-ee0831e677)

The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ee0831e677 advisory. Security update Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...

CVE-2024-43869

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exec and file release The perf pending task work is never waited upon the matching event release. In the case of a child event, released via freeevent directly, this can potentially result in a leaked...

USN-6609-3 linux-oracle, linux-oracle-5.15 vulnerabilities

Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6040 It was discovered that the CIFS...

USN-6536-1 linux, linux-aws, linux-laptop, linux-lowlatency, linux-oem-6.5, linux-oracle, linux-raspi, linux-starfive vulnerabilities

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service system crash or possibly expose sensitive information kernel memory. CVE-2023-39189 Kyle Zeng...

Important: kernel

Issue Overview: An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access to MMIO registers. Incorrect access checking in the VC handler and instruction emulation of the SEV-ES emulation of MMIO accesses could lead to arbitrary write access to kern...

AZL-31814 CVE-2023-5717 affecting package hyperv-daemons for versions less than 5.15.137.1-1

A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events perf component can be exploited to achieve local privilege escalation. If perfreadgroup is called while an event's siblinglist is smaller than its child's siblinglist, it can increment or write to memor...