PT-2026-07: Local Privilege Escalation Vulnerability in the Linux Kernel (Copy Fail)

This security advisory provides information regarding a Linux kernel vulnerability, CVE-2026-31431 , informally known as Copy Fail. This vulnerability allows for local privilege escalation to the superuser root level and affects the Linux kernel module: algifaead. Vulnerability status : PT NGFW i...

CVE-2026-43284

A flaw was found in the Linux kernel's xfrm-ESP and RxRPC subsystems. Unsafe in-place cryptographic processing of shared socket buffer fragments allows a low-privileged local attacker to corrupt page-cache contents of readable files, including sensitive system files, and gain root privileges. The...

EUVD-2023-60496

In the Linux kernel, the following vulnerability has been resolved: ALSA: ymfpci: Create card with device-managed snddevmcardnew sndcardymfpciremove was removed in commit c6e6bb5eab74 "ALSA: ymfpci: Allocate resources with device-managed APIs", but the call to sndcardnew was not replaced with...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2025-992362)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992362 advisory. In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4featktype With clang's kernel control flow integrit...

UBUNTU-CVE-2023-53224

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4featktype With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call...

DEBIAN-CVE-2022-49430

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpiokeys module can either accept gpios or interrupts. The module initializes delayed work in case of gpios only and is only used if debounce timer is not used, so make...

UBUNTU-CVE-2022-49430

In the Linux kernel, the following vulnerability has been resolved: Input: gpio-keys - cancel delayed work only in case of GPIO gpiokeys module can either accept gpios or interrupts. The module initializes delayed work in case of gpios only and is only used if debounce timer is not used, so make...

SUSE CVE-2024-56577

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtkjpegcore.c since commit 09aea13ecf6f "media: mtk-jpeg: refactor some variables", otherwise the below calltrace can be easily...

AZL-54878 CVE-2024-56577 affecting package kernel for versions less than 6.6.64.2-1

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtkjpegcore.c since commit 09aea13ecf6f "media: mtk-jpeg: refactor some variables", otherwise the below calltrace can be easily...