CVE-2026-52952

Summary: CVE-2026-52952 affects the Linux kernel IOMMU subsystem. A race occurs during device recovery when multiple memory domains are attached concurrently, which can trigger a Use-After-Free (UAF) due to concurrent domain detachment and re-attachment in a multi-device group sharing the same RI...

CVE-2026-22999 net/sched: sch_qfq: do not free existing class in qfq_change_class()

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: do not free existing class in qfqchangeclass Fixes qfqchangeclass error case. cl-qdisc and cl should only be freed if a new class and qdisc were allocated, or we risk various UAF...

RHEL 9 : kernel-rt (RHSA-2025:22124)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22124 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism...

EUVD-2024-51815

Malicious code in bioql PyPI...

SUSE-SU-2025:03191-1 Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505005583 fixes several issues. The following security issues were fixed: - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2022-49053: scsi: target: tcmu: Fix possible page UAF bsc1237930. - CVE-2025-38001: netsched: hfsc: Address reentra...

UBUNTU-CVE-2025-38578

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid UAF in f2fssyncinodemeta syzbot reported an UAF issue as below: 1 2 1 https://syzkaller.appspot.com/text?tag=CrashReport&x=16594c60580000 ================================================================== BUG:...

AZL-72754 CVE-2025-38062 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: genirq/msi: Store the IOMMU IOVA directly in msidesc instead of iommucookie The IOMMU translation for MSI message addresses has been a 2-step process, separated in time: 1 iommudmapreparemsi: A cookie pointer containing the IOVA...

CVE-2025-37845

In the Linux kernel, the following vulnerability has been resolved: tracing: fprobe events: Fix possible UAF on modules Commit ac91052f0ae5 "tracing: tprobe-events: Fix leakage of module refcount" moved trymoduleget from findtracepointmodulecb to findtracepoint caller, but that introduced a...

CVE-2025-37882 usb: xhci: Fix isochronous Ring Underrun/Overrun event handling

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Fix isochronous Ring Underrun/Overrun event handling The TRB pointer of these events points at enqueue at the time of error occurrence on xHCI 1.1+ HCs or it's NULL on older ones. By the time we are handling the event,...

CBL Mariner 2.0 Security Update: kernel (CVE-2025-21763)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-21763 advisory. - In the Linux kernel, the following vulnerability has been resolved: neighbour: use RCU protection in...

March 11, 2025—KB5053995 (Security-only update)

March 11, 2025—KB5053995 Security-only update End of support information Support for Windows Server 2008 has ended Windows Server 2008 Premium Assurance ended on January 13, 2026.Windows Server 2008 Extended Security Updates ESU ended on January 10, 2023. Additionally, Extended Security Updates o...

March 11, 2025—KB5053888 (Monthly Rollup)

March 11, 2025—KB5053888 Monthly Rollup End of support information Support for Windows Server 2008 has ended Windows Server 2008 Premium Assurance ended on January 13, 2026.Windows Server 2008 Extended Security Updates ESU ended on January 10, 2023. Additionally, Extended Security Updates on Azur...

CVE-2024-58034 memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()

In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegraemcfindnodebyramcode As offindnodebyname release the reference of the argument device node, tegraemcfindnodebyramcode releases some device nodes while still in use,...

AZL-58476 CVE-2025-21791 affecting package kernel for versions less than 5.15.179.1-1

In the Linux kernel, the following vulnerability has been resolved: vrf: use RCU protection in l3mdevl3out l3mdevl3out can be called without RCU being held: rawsendmsg ippushpendingframes ipsendskb iplocalout iplocalout l3mdevipout Add rcureadlock / rcureadunlock pair to avoid a potential UAF...

CVE-2025-21759

In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6send igmp6send can be called without RTNL or RCU being held. Extend RCU protection so that we can safely fetch the net pointer and avoid a potential UAF. Note that we no longer can use...

Azure Linux 3.0 Security Update: kernel (CVE-2024-36971)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-36971 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: fix dstnegativeadvice race...

Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed: CVE-2024-35905: Fixed int overflow for stack access size bsc1226327. CVE-2021-47598: schcake: do not call cakedestroy from cakeinit bsc1227471. CVE-2024-35863: Fixed potential UAF i...

CVE-2021-47342 ext4: fix possible UAF when remounting r/o a mmp-protected file system

In the Linux kernel, the following vulnerability has been resolved: ext4: fix possible UAF when remounting r/o a mmp-protected file system After commit 618f003199c6 "ext4: fix memory leak in ext4fillsuper", after the file system is remounted read-only, there is a race where the kmmpd thread can...

CVE-2024-26598 KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translation cache hit racing with an operation that invalidates the cache, such as a DISCARD ITS command...

CVE-2023-28577

In the function call related to CAMREQMGRRELEASEBUF there is no check if the buffer is being used. So when a function called cammemgetcpubuf to get the kernel va to use, another thread can call CAMREQMGRRELEASEBUF to unmap the kernel va which cause UAF of the kernel address...