CVE-2026-31469 virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false
In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false A UAF issue occurs when the virtio_net driver is configured with napi_tx=N and the device's IFF_XMIT_DST_RELEASE flag is cleared e.g., during the...
Azure Linux 3.0 Security Update: kernel (CVE-2025-37890)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37890 advisory. - In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability ...
CVE-2025-40270
CVE-2025-40270 pertains to the Linux kernel vulnerability in the swap/cache path affecting VMA readahead. The root cause described across sources is that after the commit 78524b05f1a3, the common helper in the swap cache layer stopped taking a swap device reference internally because callers alre...
SUSE SLES15 Security Update : kernel (Live Patch 4 for SLE 15 SP6) (SUSE-SU-2025:03566-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03566-1 advisory. This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: - CVE-2025-38477: net/sched:...
SUSE SLES12 Security Update : kernel (Live Patch 65 for SLE 12 SP5) (SUSE-SU-2025:03496-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03496-1 advisory. This update for the Linux Kernel 4.12.14-122247 fixes several issues. The following security issues were fixed: - CVE-2024-53168: sunrpc: fix...
EUVD-2019-2298
Malware in sbrugna...
EUVD-2025-18591
Malicious code in bioql PyPI...
SUSE SLES15 Security Update : kernel (Live Patch 49 for SLE 15 SP3) (SUSE-SU-2025:03124-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03124-1 advisory. This update for the Linux Kernel 5.3.18-15030059179 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fi...
RockyLinux 8 : kernel (RLSA-2025:3026)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3026 advisory. kernel: can: bcm: Fix UAF in bcm_proc_show() (CVE-2023-52922) Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...
CVE-2025-38346 ftrace: Fix UAF when lookup kallsym after ftrace disabled
In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix UAF when lookup kallsym after ftrace disabled The following issue happens with a buggy module: BUG: unable to handle page fault for address: ffffffffc05d0218 PGD 1bd66f067 P4D 1bd66f067 PUD 1bd671067 PMD 101808067 PTE...
CVE-2025-38180
In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against dev_lec[] changes. It appears it had dev_put() calls without prior dev_hold(), leading to imbalance and UAF...
CVE-2025-38180
Summary: CVE-2025-38180 affects the Linux kernel’s ATM /proc net handling (lec). The root cause is unsafe dev_lec[] changes paired with missing dev_hold() before dev_put(), causing an imbalance and use-after-free (UAF). The issue is tied to the net/atm/lec handling code and has been addressed by ...
CVE-2025-38172 erofs: avoid using multiple devices with different type
In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be the same type. erofs_init_device() has already guaranteed that if the primary is a file-backed device, extra devic...
CVE-2022-49934 wifi: mac80211: Fix UAF in ieee80211_scan_rx()
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix UAF in ieee80211_scan_rx() ieee80211_scan_rx() tries to access scan_req->flags after a null check, but a UAF is observed when the scan is completed and __ieee80211_scan_completed() executes, which then calls cfg80211_scan_done()...
CVE-2025-38062
Summary of CVE-2025-38062: The Linux kernel vulnerability affects the MSI/IOMMU path used for translating MSI addresses. The root cause is a use-after-free-like risk due to storing a cookie pointer (IOVA) in the MSI descriptor across two stages of MSI address translation, which can be race-condit...
CVE-2025-38001
In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Address reentrant enqueue adding class to eltree twice Savino says: "We are writing to report that this recent patch 141d34391abbb315d68556b7c67ad97885407547 [1] can be bypassed, and a UAF can still occur when HFSC ...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_dump_full_key() (CVE-2024-35866) In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option CVE-2025-219...
CVE-2025-37845 tracing: fprobe events: Fix possible UAF on modules
In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 ("tracing: tprobe-events: Fix leakage of module refcount") moved try_module_get() from __find_tracepoint_module_cb() to find_tracepoint() caller, but that introduced a...
CBL Mariner 2.0 Security Update: kernel (CVE-2025-21727)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21727 advisory. - In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug...