EUVD-2026-39257

In the Linux kernel, the following vulnerability has been resolved: futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target PI futex, taskblocksonrtmutex returns -EDEADLK before setting...

RockyLinux 8 : kernel-rt (RLSA-2026:27354)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:27354 advisory. kernel: Linux kernel: Use-after-free in bonding driver leads to denial of service CVE-2026-31419 kernel: drm/amd/display: Do not skip unrelated mode...

RHEL 8 : kernel (RHSA-2026:27353)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:27353 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-after-free ...

Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Disabling bottom softirqs as part of spinlockirq on PREEMPTRT sndpcmgrouplockirq acquires a spinlockt and disables interrupts via spinlockirq. This also implicitly disables the handling of softirqs such as TIMERSOFTIRQ...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: rcutorture: Fixed the rcutortureoneextendcheck function in RT kernels. For kernels built with CONFIGPREEMPTRT=y, running the rcutorture tests resulted in the following errors: 68.797425 rcutortureoneextendcheck: Current value: 0x...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Fixed deadlock issue when using the NCM gadget The cdns3 driver suffers from the same deadlock issue as fixed in cdnsp with the commit 58f2fcb3a845 „usb: cdnsp: Fixed deadlock issue during use of the NCM gadget”. Unde...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: bpf: Fixed a race condition in cpumap on PREEMPTRT kernels. On PREEMPTRT kernels, the per-CPU xdpbulkqueue can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes that bqenqueue an...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: idpf: fixed the PREEMPTRT raw/bh spinlock nesting issue for async VC handling The code has been changed to use a local lock instead of the raw spinlock provided by the completion structure in the idpfvcxn struct. This conversion ...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: clocksource: Use migratedisable to avoid calling getrandomu32 in an atomic context. The following bug report occurred with the PREEMPTRT kernel: - Bug: A sleeping function was called from an invalid context at...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sofsdwrtsdcajackcommon: ctx-headsetcodecdev = NULL The function sofsdwRtsdcajackexit is used by different codecs, and some of them use the same interface name dai. For example, rt712 and rt713 both use...

PT-2026-48956

During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...

CVE-2026-37221

FlexRIC v2.0.0 crashes when receiving a RICSUBSCRIPTIONRESPONSE with an unknown ricid that has no corresponding pending event. The near-RT RIC uses assert to enforce the existence of a pending event during response processing. A remote unauthenticated attacker can send a forged...

CVE-2026-10948

Use after free in WebRTC in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

CVE-2026-37230

FlexRIC v2.0.0 crashes when the near-RT RIC receives a RICINDICATION message with a ranfuncid that does not exist in its registry. The lookup returns NULL, triggering assert in Debug builds SIGABRT or NULL pointer dereference in Release builds SIGSEGV. A remote unauthenticated attacker can crash...

SUSE-SU-2026:21964-1 Security update for the Linux Kernel RT (Live Patch 11 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.32.1 fixes various security issues The following security issues were fixed: - CVE-2026-23437: net: shaper: protect late read accesses to the hierarchy bsc1261845. - CVE-2026-31406: xfrm: Fix work re-schedule after cancel in...

SUSE-SU-2026:21963-1 Security update for the Linux Kernel RT (Live Patch 4 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.9.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. -...

SUSE-SU-2026:21907-1 Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

SUSE-SU-2026:21929-1 Security update for the Linux Kernel RT (Live Patch 15 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-39.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...

SUSE-SU-2026:21930-1 Security update for the Linux Kernel RT (Live Patch 18 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-40.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption bsc1264096. - CVE-2026-23243: RDMA/umad: Reject negative datalen in ibumadwrite bsc1259798. - CVE-2026-23274:...