USN-7986-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ceph distributed file system; - JFFS2 file system; - Timer subsystem; - USB sound devices; CVE-2024-26689,...

USN-7986-1 linux vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ceph distributed file system; - JFFS2 file system; - Timer subsystem; - USB sound devices; CVE-2024-26689,...

SUSE-SU-2026:0316-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2022-49604,CVE-2025-40074: ip: Fix data-races around sysctlipfwdusepmtu bsc1238414 bsc1252794. - CVE-2022-50527: drm/amdgpu: Fix size validation for non-exclusive...

CVE-2026-23014

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

CVE-2026-23014 perf: Ensure swevent hrtimer is properly destroyed

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimertrytocancel in perfsweventcancelhrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the event doe...

PT-2026-5128

In the Linux kernel, the following vulnerability has been resolved: perf: Ensure swevent hrtimer is properly destroyed With the change to hrtimer try to cancel in perf swevent cancel hrtimer it appears possible for the hrtimer to still be active by the time the event gets freed. Make sure the eve...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005134)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005134 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount Syzbot has found an ODEBUG bug in ext4fillsuper Th...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005073)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005073 advisory. In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdttrigger When the cpu5wdt module is...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005125)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005125 advisory. In the Linux kernel, the following vulnerability has been resolved: MIPS: cevt-r4k: Don't call getc0compareint if timer irq is installed This avoids warning: 0.11805...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005037)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005037 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix race of sndseqtimeropen The timer instance per queue is exclusive, and...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005184)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005184 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp/dccp: Don't use timerpending in reqskqueueunlink. Martin KaFai Lau reported use-after-free 0...

SUSE CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-004957)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004957 advisory. In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel If an exiting...

CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

UBUNTU-CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

CVE-2026-22997

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

EUVD-2026-4637

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

CVE-2026-22997

The CVE-2026-22997 issue affects the Linux kernel CAN/J1939 subsystem. The root cause is that j1939_session_deactivate_activate_next() is only invoked in j1939_tp_rxtimer() when the timer is enabled, allowing a refcount leak if the timer is cancelled without calling the function. This can lead to...

CVE-2026-22997 net: can: j1939: j1939_xtp_rx_rts_session_active(): deactivate session upon receiving the second rts

In the Linux kernel, the following vulnerability has been resolved: net: can: j1939: j1939xtprxrtssessionactive: deactivate session upon receiving the second rts Since j1939sessiondeactivateactivatenext in j1939tprxtimer is called only when the timer is enabled, we need to call...

OESA-2026-1231 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: scsi: libsas: Fix use-after-free bug in smpexecutetasksg When executing SMP task failed, the smpexecutetasksg calls deltimer to delete "slowtask-timer". However,...