CVE-2026-46065

CVE-2026-46065 affects the Linux kernel framebuffer (fbdev) defio mechanism. The issue arises from disconnecting deferred I/O from the lifetime of struct fb_info, by holding state in struct fb_deferred_io_state and freeing the instance only after the final mapping closes. If fb_info/defio are fre...

PT-2026-43932

In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb info Hold state of deferred I/O in struct fb deferred io state. Allocate an instance as part of initializing deferred I/O and remove it only after the final...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix ofiomap memory leak CVE-2023-53424 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211checkandendcac CVE-2025-38643 In the Linux...

EUVD-2006-5158

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2025-39763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggerin...

CVE-2025-39763

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected error, the CPU will take a synchronous error...

AZL-70825 CVE-2025-39763 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered If a synchronous error is detected as a result of user-space process triggering a 2-bit uncorrected error, the CPU will take a synchronous error...

CVE-2025-39763

CVE-2025-39763 affects the Linux kernel and describes an ACPI: APEI path where a synchronous memory error that is not recovered can cause the kernel to queue memory_failure() and poison a page, unmap it, and send SIGBUS to the triggering process to avoid a system-wide panic. The issue arises when...

CVE-2022-49828 hugetlbfs: don't delete error page from pagecache

In the Linux kernel, the following vulnerability has been resolved: hugetlbfs: don't delete error page from pagecache This change is very similar to the change that was made for shmem 1, and it solves the same problem but for HugeTLBFS instead. Currently, when poison is found in a HugeTLB page, t...

PT-2025-18545 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, related to the handling of poisoned pages in HugeTLBFS. When a poisoned page is found, it is currently removed from the page cach...

CVE-2025-39989

The CVE-2025-39989 issue affects the Linux kernel’s x86 memory error handling (MCE) path. Root cause: a patch series changes the copy-from-user recovery flow by introducing and switching extable fixup types, notably EX_TYPE_EFAULT_REG, instead of handling EX_TYPE_UACCESS for poison found in get_u...

DEBIAN-CVE-2025-22033

In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...

CVE-2025-22033

In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...

UBUNTU-CVE-2025-22033

In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...

CVE-2025-22033

CVE-2025-22033: Linux kernel arm64 fix for a NULL pointer dereference in alignment handling. The issue occurs when do_alignment_t32_to_handler() fixes only specific instructions and returns NULL for others (e.g., LDREX); callers would proceed with regular alignment fault handling (SIGBUS). Withou...

CVE-2025-22033 arm64: Don't call NULL in do_compat_alignment_fixup()

In the Linux kernel, the following vulnerability has been resolved: arm64: Don't call NULL in docompatalignmentfixup doalignmentt32tohandler only fixes up alignment faults for specific instructions; it returns NULL otherwise e.g. LDREX. When that's the case, signal to the caller that it needs to...

CVE-2025-21907 mm: memory-failure: update ttu flag inside unmap_poisoned_folio

In the Linux kernel, the following vulnerability has been resolved: mm: memory-failure: update ttu flag inside unmappoisonedfolio Patch series "mm: memoryfailure: unmap poisoned folio during migrate properly", v3. Fix two bugs during folio migration if the folio is poisoned. This patch of 3: Comm...

SUSE CVE-2024-41021

In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix VMFAULTHWPOISON handling in doexception There is no support for HWPOISON, MEMORYFAILURE, or ARCHHASCOPYMC on s390. Therefore we do not expect to see VMFAULTHWPOISON in doexception. However, since commit af19487f00f3...

CVE-2024-41021 s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception()

In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix VMFAULTHWPOISON handling in doexception There is no support for HWPOISON, MEMORYFAILURE, or ARCHHASCOPYMC on s390. Therefore we do not expect to see VMFAULTHWPOISON in doexception. However, since commit af19487f00f3...

RHEL 8 : libtpms (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtpms: out-of-bounds access when trying to resume the state of the vTPM CVE-2021-3623 - A flaw was foun...