ALSA-2026:6036 Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in...

Moderate: kernel security update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in macvlancommonnewlink CVE-2026-23209 kernel: net/sched: clsu32: use...

Moderate: kernel-rt security update

The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: kernel: Linux kernel: Use-After-Free vulnerability in ATM subsystem CVE-2025-38180 kernel: macvlan: fix error recovery in...

Security Bulletin: IBM Technical Support Appliance - potential denial of service in Linux kernel subsystems

Summary Multiple vulnerabilities have been identified in the Linux kernel affecting subsystems including RDMA rxe and core memory management. These issues involve conditions such as double free, incomplete state handling, and NULL pointer dereference, which could lead to system instability or...

CVE-2026-32713

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc2, A logic error in the PX4 Autopilot MAVLink FTP session validation uses incorrect boolean logic && instead of ||, allowing BurstReadFile and WriteFile operations to proceed with invalid sessions or closed file descriptors...

wifi: cfg80211: cancel rfkill_block work in wiphy_unregister()

...

CVE-2026-23368

A flaw was found in the Linux kernel. An AB-BA deadlock can occur within the net: phy subsystem when registering LED triggers. This vulnerability arises because LEDTRIGGERPHY attempts to acquire the rtnlmutex and then triggerslistlock, while LEDSTRIGGERNETDEV acquires these locks in the reverse...

SUSE CVE-2026-23301

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Add allocation failure check for Entity name Currently findsdcaentityiot can allocate a string for the Entity name but it doesn't check if that allocation succeeded. Add the missing NULL check after the allocation...

SUSE CVE-2026-23347

In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usbkillanchoredurbs is...

CVE-2026-23360

A flaw was found in the Linux kernel's Non-Volatile Memory Express NVMe subsystem. When an NVMe controller is reset, a previously allocated administration queue may not be properly released before a new one is created. This can lead to the old queue becoming orphaned, potentially causing resource...

CVE-2026-23302

A flaw was found in the Linux kernel. This vulnerability involves data races within the networking subsystem, specifically related to how network socket pointers are handled concurrently by multiple central processing units CPUs. Without proper synchronization, this concurrent access can lead to...

CVE-2026-23361

A flaw was found in the Linux kernel. A race condition exists in the handling of Message Signaled Interrupts eXtended MSI-X within the PCI subsystem. When an MSI-X interrupt is raised, a PCI posted write transaction may not complete before its associated Address Translation Unit ATU entry is...

CVE-2026-23387

A flaw was found in the Linux kernel, specifically within the pinctrl subsystem's cirrus cs42l43 driver. This flaw involves a 'double-put' error in the cs42l43pinprobe function, where a resource is incorrectly released twice. This issue arises because the devmaddactionorreset function already...

CVE-2026-23333

A flaw was found in the Linux kernel's netfilter subsystem, specifically within the nftsetrbtree component. This vulnerability arises from improper validation of open intervals, particularly when an open interval is at the end of a set of network filter rules. An attacker could potentially craft...

CVE-2026-23349

A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the pidff module. This vulnerability occurs because not all conditional effect bits were properly cleared, leading to null pointer dereferences. A local attacker could potentially exploit this flaw to...

USN-8098-8 linux-azure-fips vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

USN-8098-8: Linux kernel (Azure FIPS) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

CVE-2026-23355

A flaw was found in the Linux kernel's libata subsystem. This vulnerability occurs due to improper handling of deferred work. When ap-deferredqc is cleared, the associated queued work is not canceled, leading to the work being executed at an inappropriate time. This can result in a WARNON...

USN-8098-7 linux-azure vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

CVE-2026-23339

A flaw was found in the Linux kernel's Near Field Communication NFC subsystem. When the ncitransceive function encounters certain error conditions, it fails to properly free allocated kernel memory. This memory leak can accumulate over time, potentially leading to resource exhaustion and affectin...