PT-2026-44309

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtio bt: validate rx pkt type header length virtbt rx handle reads the leading pkt type byte from the RX skb and forwards the remainder to hci recv frame for every event/ACL/SCO/ISO type, without checking that the...

SUSE CVE-2026-43495

In the Linux kernel, the following vulnerability has been resolved: net: wwan: t7xx: validate portcount against message length in t7xxportenummsghandler t7xxportenummsghandler uses the modem-supplied portcount field as a loop bound over portmsg-data without checking that the message buffer contai...

Astra Linux - уязвимость в linux-6.1, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: Firewire: In the net subsystem, a bug related to use-after-free was fixed in the fwnetfinishincomingpacket function. The netifrx function frees the skb, but we cannot dereference it to save the skb-len...

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: pptp: Ensure a minimal skb length in pptpxmit. The commit aabc6596ffb3 “net: ppp: Add bound checking for skb data on pppsynctxmung” fixed pppsynctxmunge. We need a similar fix in pptpxmit; otherwise, we might read uninit data ...

SUSE CVE-2026-43031

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: mac80211: The issue in ieee80211scanrx involves checking the skb length. This code requires hard-coded compile-time constants for determining the header length check. Instead, a dynamic determination based on the frame type shoul...

CVE-2026-43031

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

EUVD-2026-26630

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

CVE-2026-43031 net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets

In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Fix BQL accounting for multi-BD TX packets When a TX packet spans multiple buffer descriptors scatter-gather, axienetfreetxchain sums the per-BD actual length from descriptor status into a caller-provided...

CVE-2026-43031

The CVE concerns the Linux kernel xilinx axienet driver. When a TX packet spans multiple buffer descriptors, the current accounting in axienet_free_tx_chain summing per-BD lengths into an accumulator can lose earlier bytes if the packet completes across different polls, causing BQL to overestimat...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005496)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005496 advisory. In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in atmtcpcsend. syzbot reported the splat below. 0 vccsendms...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005503)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005503 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: ath9khtc: Use skbsetlength for resetting urb before resubmit Syzbot points out that skbtrim...

CLSA-2026-1771241609 kernel: Fix of 13 CVEs

vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...

CLSA-2026-1771240859 kernel: Fix of 13 CVEs

vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...

CLSA-2026-1771081379 kernel: Fix of 76 CVEs

HID: core: ensure the allocated report buffer can contain the reserved report ID CVE-2025-38495 - fs/proc: fix uaf in procreaddirde CVE-2025-40271 - ALSA: usb-audio: Fix potential overflow of PCM transfer buffer CVE-2025-40269 - Bluetooth: ISO: Fix possible UAF on isoconnfree CVE-2025-40141 -...

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 kernel was updated to fix various security issues The following security issues were fixed: CVE-2022-50630: mm: hugetlb: fix UAF in hugetlbhandleuserfault bsc1254785. CVE-2022-50700: wifi: ath10k: Delay the unmapping of the buffer bsc1255576. CVE-2023-53254:...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005069)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005069 advisory. In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes syzbot triggered an uninit...

Azure Linux 3.0 Security Update: kernel (CVE-2025-38185)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38185 advisory. - In the Linux kernel, the following vulnerability has been resolved: atm: atmtcp: Free invalid length skb in...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993304 advisory. In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Limit packet length to skb-len Packet length retrieved from skb data may be...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992847)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992847 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger...