CVE-2026-45972

The CVE-2026-45972 issue affects the Linux kernel SMB client, specifically smb2_open_file(), where improper handling could lead to memory corruption (UAF) or a double free during SMB2_open() retries. The fixed description states that zeroing err_iov and err_buftype before retrying SMB2_open() pre...

RHEL 9 : kernel (RHSA-2025:21469)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:21469 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: KVM: x86/hyper-v: Skip...

SUSE CVE-2025-39983

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix UAF in hciconntxdequeue This fixes the following UAF caused by not properly locking hdev when processing HCIEVNUMCOMPPKTS: BUG: KASAN: slab-use-after-free in hciconntxdequeue+0x1be/0x220...

EUVD-2024-53415

Malicious code in bioql PyPI...

EUVD-2025-9425

Malicious code in bioql PyPI...

EUVD-2025-22609

Malicious code in bioql PyPI...

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...

CVE-2025-38394

The CVE-2025-38394 issue is in the Linux kernel HID path (appletkd/b appletb-kbd) where an input handler is registered to input core and then, if probe fails, freed memory remains in input_handler_list. This creates a use‑after‑free condition (UAF) in input_attach_handler during subsequent device...

CVE-2022-50229

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...

CVE-2022-50229 ALSA: bcd2000: Fix a UAF bug on the error path of probing

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21715)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21715 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove...

CVE-2025-21896

In the Linux kernel, the following vulnerability has been resolved: fuse: revert back to readaheadfolio for readahead In commit 3eab9d7bc2f4 "fuse: convert readahead to use folios", the logic was converted to using the new folio readahead code, which drops the reference on the folio once it is...

CVE-2025-21896 fuse: revert back to __readahead_folio() for readahead

In the Linux kernel, the following vulnerability has been resolved: fuse: revert back to readaheadfolio for readahead In commit 3eab9d7bc2f4 "fuse: convert readahead to use folios", the logic was converted to using the new folio readahead code, which drops the reference on the folio once it is...

Azure Linux 3.0 Security Update: kernel (CVE-2024-50051)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50051 advisory. - In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before...

CBL Mariner 2.0 Security Update: kernel (CVE-2024-50051)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-50051 advisory. - In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: Add cancelworksync before...

Linux Distros Unpatched Vulnerability : CVE-2024-40906

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if teardownhca fails to...

CVE-2025-21715 net: davicom: fix UAF in dm9000_drv_remove

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000drvremove dm is netdev private data and it cannot be used after freenetdev call. Using dm after freenetdev can cause UAF bug. Fix it by moving freenetdev at the end of the function. This is similar ...

CVE-2022-49390

In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for realdev Create a new macsec device but not get reference to realdev. That can not ensure that realdev is freed after macsec. That will trigger the UAF bug for realdev as following:...

CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...