systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...

CVE-2026-46295

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM component. A race condition in the Advanced Programmable Interrupt Controller APIC interrupt handling can lead to an incorrect state during interrupt synchronization. This issue, occurring between a sender and target virtual...

systemd security update

An update is available for systemd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The systemd packages contain systemd, a system and service manager for Linux,...

RLSA-2026:13677 Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

Astra Linux – Vulnerability in Linux

In the Linux kernel, the following vulnerabilities have been resolved: irqchip/gic-v3: Do not enable IRQs when handling spurious interrupts. The following error occurred while running our 4.19 kernel with the pseudo-NMI patches backported to it: 14.816231 ------------ Cut here ------------...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: PM: sleep: The spurious WARNON message was removed from pmrestoregfpmask. Commit 35e4a69b2003f “PM: sleep: Allow pmrestrictgfpmask stacking” introduced a refcount-based GFP mask management mechanism. This mechanism would issue a...

Moderate: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...

CVE-2026-43484

A flaw was found in the Linux kernel's MultiMediaCard MMC core. Concurrent updates to bitfield flags, specifically 'claimed' and 'retunenow', can lead to unintended overwrites of other bits in asynchronous contexts. This can trigger spurious warnings and result in system instability or unexpected...

CVE-2026-43265

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM for x86 architectures. A local user or a malicious guest operating system could manipulate the virtual CPU vCPU state by injecting events while the vCPU is in a blocking state. This could lead to a spurious exit to userspace,...

CVE-2026-43265

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ignore -EBUSY when checking nested events from vcpublock Ignore -EBUSY when checking nested events after exiting a blocking state while L2 is active, as exiting to userspace will generate a spurious userspace exit,...

SUSE CVE-2026-31733

In the Linux kernel, the following vulnerability has been resolved: schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non-SCXDSQINVALID triggering a spurious warning in markdirectdispatch when the next wakeup's ops.selectcpu calls scxbpfdsqinsert, such as:...

systemd: systemd: Arbitrary code execution or Denial of Service via spurious IPC API call data

A flaw was found in systemd, a system and service manager. An unprivileged user can exploit this vulnerability by making an Inter-Process Communication IPC API call with spurious data. In older versions v249 and earlier, this can lead to stack overwriting with attacker-controlled content,...

Linux Distros Unpatched Vulnerability : CVE-2026-31733

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schedext: Fix stale direct dispatch state in ddspdsqid @p-scx.ddspdsqid can be left set non- SCXDSQINVALID triggering a spurious warning in markdirectdispatch...

Moderate: systemd security update

The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes...

Astra Linux – Vulnerabilities in Linux-6.1, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: rcar: Use rawspinlock to protect register access The rawspinlock is used to fix spurious messages about invalid context when spinlock debugging is enabled. The lock is only used to serialize register access. 4.239592...

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: media: venus: protection against spurious interrupts during probing. Ensure that the interrupt handler is initialized before the interrupt is registered. If the IRQ is registered before hficreate, it’s possible that an interrupt...

OESA-2026-2123 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd, a system and service manager, as PID 1 hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is...

OESA-2026-2122 systemd security update

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. Security Fixes: systemd, a system and service manager, as PID 1 hits an assert and freezes execution when an unprivileged IPC API call is made with spurious data. On version v249 and older the effect is...

CVE-2026-31733

A flaw was found in the Linux kernel's schedext component. The scheduler's direct dispatch state ddspdsqid was not consistently cleared across all execution paths. This oversight could leave the system in an incorrect state, leading to spurious warnings and unexpected behavior during task dispatc...