SUSE-SU-2026:21845-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...

SUSE-SU-2026:21860-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 16.0 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-2058: x86/CPU: Fix FPDSS on Zen1 bsc1243603. - CVE-2024-14027: xattr: switch to CLASSfd bsc1259420. - CVE-2025-40181: x86/kvm: Force legacy PCI hole to UC when...

Astra Linux - уязвимость в linux, linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: fix setting of fpc register kvmarchvcpuioctlsetfpu allows to set the floating point control fpc register of a guest cpu. The new value is tested for validity by temporarily loading it into the fpc register. This may le...

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Fixed a race condition between enabling/disabling SR-IOV and hot-plug events. The commit 05703271c3cd “PCI/IOV: Added locking for PCI rescan and removal when enabling/disabling SR-IOV” attempted to address a race conditi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Memory corruption occurs when using the identity domain. zpcigetiommuctrs returns counter information that needs to be reported as part of device statistics. These counters are stored as part of the s390domain. Howeve...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000953)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000953 advisory. The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page- table levels, which allows local users to cause a denial o...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004405)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004405 advisory. In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004121)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004121 advisory. In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001819)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001819 advisory. arch/s390/kernel/ptrace.c in the Linux kernel before 3.15.8 on the s390 platform does not properly restrict address-space control operations in PTRACEPOKEUSRAREA...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001798)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001798 advisory. The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page- table levels, which allows local users to cause a denial o...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002877)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002877 advisory. The fork implementation in the Linux kernel before 4.5 on s390 platforms mishandles the case of four page- table levels, which allows local users to cause a denial o...

CVE-2025-68790

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix double unregister of HCAPORTS component Clear hcadevcomcomp in device's private data after unregistering it in LAG teardown. Otherwise a slightly lagging second pass through mlx5unloadone might try to unregister it...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000336)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000336 advisory. In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enablesacfuaccess in...

CVE-2023-53746

CVE-2023-53746 relates to a memory leak in the s390/vfio-ap device driver of the Linux kernel. The release path freed the vfio_matrix_dev memory by calling kfree, but the object is not stored as drvdata for the device; the code then relies on null pointer handling, causing the vfio_matrix_dev mem...

AZL-71293 CVE-2025-40219 affecting package kernel for versions less than 6.6.117.1-1

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...

CVE-2025-40219

CVE-2025-40219 concerns the Linux kernel SR-IOV PCI handling. The vulnerability stems from missing serialization locks around SR-IOV VF removal/enabling: sriov_disable() could remove VF PCI devices without holding the global PCI rescan-remove lock, risking double-remove/list corruption (notably o...

EUVD-2025-201184

In the Linux kernel, the following vulnerability has been resolved: PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV Before disabling SR-IOV via config space accesses to the parent PF, sriovdisable first removes the PCI devices representing the VFs. Since commit 9d16947b7583...

SUSE CVE-2025-39958

In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Make attach succeed when the device was surprise removed When a PCI device is removed with surprise hotplug, there may still be attempts to attach the device to the default domain as part of tear down via...

EUVD-2014-2091

Malware in sbrugna...

EUVD-2011-0725

Malware in sbrugna...