Fedora 44 : haveged (2026-02b08daa05)

The remote Fedora 44 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2026-02b08daa05 advisory. Update to 1.9.22 fix systemd sandboxing: add ReadWritePaths=/dev/shm for semaphore creation Backport fix for CVE-2026-41054: privilege escalation via command...

CVE-2026-46154

In the Linux kernel, the following vulnerability has been resolved: schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the pointer can be stale by the time the op runs. If the loaded scheduler is...

UBUNTU-CVE-2026-46154

In the Linux kernel, the following vulnerability has been resolved: schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the pointer can be stale by the time the op runs. If the loaded scheduler is...

CVE-2026-46154 sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters

In the Linux kernel, the following vulnerability has been resolved: schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the pointer can be stale by the time the op runs. If the loaded scheduler is...

CVE-2026-46154

In the Linux kernel, the following vulnerability has been resolved: schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the pointer can be stale by the time the op runs. If the loaded scheduler is...

SUSE CVE-2026-43359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

semaphore-2.18.1-1.1 on GA media (moderate)

semaphore-2.18.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10712-1 Rating: moderate Cross-References: CVE-2026-34986 CVSS scores: CVE-2026-34986 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2026-34986 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:...

EUVD-2026-28665

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

CVE-2026-43359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow If the set received ioctl fails due to an item overflow when attempting to add the BTRFSUUIDKEYRECEIVEDSUBVOL we have to abort the transaction since we did...

SUSE CVE-2026-43126

In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer calls the kcontrol ops rather individually, and pending calls might be not always caught at disconnecting the device. For avoiding the potential UAF scenarios...

SUSE CVE-2026-43253

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move waitonsem out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under stressed environment, as waitonsem busy-waits under the spinlock with interrupts disabled. Move the...

CVE-2026-43253

CVE-2026-43253 relates to the Linux kernel IOMMU AMD component. When iommu.strict=1, the wait_on_sem() busy-wait runs inside a spinlock with interrupts disabled, risking soft lockups under load. The fix moves the completion wait out of the spinlock in iommu_completion_wait(), since wait_on_sem() ...

CVE-2026-43253 iommu/amd: move wait_on_sem() out of spinlock

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move waitonsem out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under stressed environment, as waitonsem busy-waits under the spinlock with interrupts disabled. Move the...

CVE-2026-43253

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: move waitonsem out of spinlock With iommu.strict=1, the existing completion wait path can cause soft lockups under stressed environment, as waitonsem busy-waits under the spinlock with interrupts disabled. Move the...

CVE-2026-43220

The CVE-2026-43220 entry concerns the Linux kernel iommu/amd component. The issue arises under concurrent TLB invalidations when CMD_COMPL_WAIT sequencing can be broken because cmd_sem_val was incremented outside the IOMMU spinlock, causing out-of-sequence command queuing and a disrupted completi...

PT-2026-38529

These are all security issues fixed in the semaphore-2.18.1-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2026:10712-1 semaphore-2.18.1-1.1 on GA media

These are all security issues fixed in the semaphore-2.18.1-1.1 package on the GA media of openSUSE Tumbleweed...

kernel: Linux kernel: Denial of Service due to a deadlock in hugetlb folio migration

A flaw was found in the Linux kernel. A local attacker could exploit a deadlock vulnerability due to incorrect lock ordering between foliolock and immaprwsem when migrating hugetlb file-backed folios. This could lead to hung tasks and potential system-wide stalls, resulting in a Denial of Service...

Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15

A issue was discovered in the file drivers/media/dvb-core/dvbfrontend.c within the Linux kernel version 6.2. There is a blocking operation that occurs when a task is in the !TASKRUNNING state. In the function dvbfrontendgetevent, the function waiteventinterruptible is called; the condition used i...

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: RDMA/hfi1: Fixed a use-after-free bug related to the mm structure. Under certain conditions, such as MPIAbort, the hfi1 cleanup code may represent the last reference to the task’s mm structure. The hfi1mmurbunregister function...