CVE-2026-23313

CVE-2026-23313 : In the Linux kernel, a preempt-count leak was fixed in the i40e driver by replacing get_cpu() with smp_processor_id() in the napi poll tracepoint assignment. The leak occurred because put_cpu() was not invoked to undo the cpu reference, as illustrated by preempt_count traces. The...

CVE-2026-23313

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix preempt count leak in napi poll tracepoint Using getcpu in the tracepoint assignment causes an obvious preempt count leak because nothing invokes putcpu to undo it: softirq: huh, entered softirq 3 NETRX with preemptcoun...

Linux Distros Unpatched Vulnerability : CVE-2026-23390

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing/dma: Cap dmamapsg tracepoint arrays to prevent buffer overflow The dmamapsg tracepoint can trigger a perf buffer overflow when tracing large...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005486)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005486 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix null-ptr-deref in blockdirtybuffer tracepoint When using the block:blockdirtybuffer...

SUSE CVE-2026-23134

In the Linux kernel, the following vulnerability has been resolved: slab: fix kmallocnolock context check for PREEMPTRT On PREEMPTRT kernels, locallock becomes a sleeping lock. The current check in kmallocnolock only verifies we're not in NMI or hard IRQ context, but misses the case where...

Linux Distros Unpatched Vulnerability : CVE-2026-23134

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: slab: fix kmallocnolock context check for PREEMPTRT On PREEMPTRT kernels, locallock becomes ...

CVE-2026-23134

In the Linux kernel, the following vulnerability has been resolved: slab: fix kmallocnolock context check for PREEMPTRT On PREEMPTRT kernels, locallock becomes a sleeping lock. The current check in kmallocnolock only verifies we're not in NMI or hard IRQ context, but misses the case where...

kernel security update

5.14.0-611.34.1 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

CVE-2026-23134

In the Linux kernel, the following vulnerability has been resolved: slab: fix kmallocnolock context check for PREEMPTRT On PREEMPTRT kernels, locallock becomes a sleeping lock. The current check in kmallocnolock only verifies we're not in NMI or hard IRQ context, but misses the case where...

UBUNTU-CVE-2026-23134

In the Linux kernel, the following vulnerability has been resolved: slab: fix kmallocnolock context check for PREEMPTRT On PREEMPTRT kernels, locallock becomes a sleeping lock. The current check in kmallocnolock only verifies we're not in NMI or hard IRQ context, but misses the case where...

CVE-2026-23134

The event CVE-2026-23134 pertains to the Linux kernel slab/kmalloc_nolock() context checks on PREEMPT_RT. On PREEMPT_RT kernels, local_lock is a sleeping lock; when a BPF program runs from a tracepoint with preemption disabled, kmalloc_nolock() may call local_lock_irqsave() and attempt to acquire...

PT-2026-8129

In the Linux kernel, the following vulnerability has been resolved: slab: fix kmalloc nolock context check for PREEMPT RT On PREEMPT RT kernels, local lock becomes a sleeping lock. The current check in kmalloc nolock only verifies we're not in NMI or hard IRQ context, but misses the case where...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

In cpmfwtpmsghandler of cpm/google/lib/tracepoint/cpmfwtpipc.c, there is a possible memory overwrite due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48647

CVE-2025-48647 affects the Google CPM IPC path: cpm_fwtp_msg_handler in cpm/google/lib/tracepoint/cpm_fwtp_ipc.c. The issue is a memory overwrite caused by improper input validation, enabling local elevation of privilege with no additional privileges or user interaction required. Impact is descri...

CVE-2025-71125

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...

CVE-2025-71125 tracing: Do not register unsupported perf events

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...

CVE-2025-71125

CVE-2025-71125 affects the Linux kernel tracing subsystem. Synthetic events lack a function to register perf events, causing a NULL function pointer to be passed to tracepoint register logic and triggering a kernel warning in tracepoint_add_func. The patch replaces this path with a -ENODEV return...

CVE-2025-71125 tracing: Do not register unsupported perf events

In the Linux kernel, the following vulnerability has been resolved: tracing: Do not register unsupported perf events Synthetic events currently do not have a function to register perf events. This leads to calling the tracepoint register functions with a NULL function pointer which triggers:...