Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50171)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-50171 advisory. - macvlan: fix error recovery in macvlancommonnewlink Eric Dumazet Orabug: 39057366 CVE-2026-23209 - netfilter: nftables: fix inverted genmask check in...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2026-50145)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-50145 advisory. - macvlan: fix error recovery in macvlancommonnewlink Eric Dumazet Orabug: 39057366 CVE-2026-23209 - netfilter: nftables: fix inverted genmask che...

SUSE CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

Linux Distros Unpatched Vulnerability : CVE-2026-23164

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, ...

CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

UBUNTU-CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

CVE-2026-23164 rocker: fix memory leak in rocker_world_port_post_fini()

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

EUVD-2026-5873

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

CVE-2026-23164

CVE-2026-23164 affects the Linux kernel rocker subsystem. The root cause is a memory leak: rocker_world_port_pre_init() allocates rocker_port->wpriv with kzalloc, but rocker_world_port_post_fini() frees it only if wops->port_post_fini is set. Since rock­er_ofdpa_ops provides port_post_fini ...

CVE-2026-23164

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

CVE-2026-23164 rocker: fix memory leak in rocker_world_port_post_fini()

In the Linux kernel, the following vulnerability has been resolved: rocker: fix memory leak in rockerworldportpostfini In rockerworldportpreinit, rockerport-wpriv is allocated with kzallocwops-portprivsize, GFPKERNEL. However, in rockerworldportpostfini, the memory is only freed when...

PT-2026-8159

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A memory leak exists in the rocker module within the Linux kernel, specifically within the rocker world port post fini function. When ports are removed, memory allocated for rocker...

EUVD-2015-8578

Malware in sbrugna...

CBL Mariner 2.0 Security Update: qemu (CVE-2022-36648)

The version of qemu installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-36648 advisory. - The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier,...

The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU as used in 7.0.0 and earlier allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third parties as not a valid vulnerability due to the rocker device not falling within the virtualization use case.

...

Reflectionless Templates With Spring

A few Java libraries have shown up recently that use text templates, but compile to Java classes at build time. They can thus claim to some extent to be "reflection free". Together with potential benefits of runtime performance, they promise to be easy to use and integrate with GraalVM native ima...

CVE-2022-36648

A NULL pointer dereference bug was found in the rocker device emulated ethernet switch of QEMU. The rockertlvparsenested function could return early because of no group ids in the grouptlvs array. In such case, the tlvs pointer is NULL and tlvsi + 1 in the next for-loop iteration ends up...

SUSE CVE-2022-36648

The hardware emulation in the ofdpacmdaddl2flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS. Note: This has been disputed by multiple third...