SUSE-SU-2026:21563-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-39977: futex: Prevent use-after-free during requeue-PI bsc1252048. - CVE-2025-71066: net/sched: ets: Always remove class from active list before...

LSN-0119-1 Kernel Live Patch Security Notice

In the Linux kernel, the following vulnerability has been resolved: btrfs: ref-verify: fix use-after-free after invalid ref action At btrfsreftreemod after we successfully inserted the new ref entry local variable 'ref' into the respective block entry's rbtree local variable 'be', if we find an...

OESA-2026-1862 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on...

SUSE-SU-2026:1101-1 Security update for the Linux Kernel (Live Patch 1 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.3 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in...

SUSE-SU-2026:20947-1 Security update for the Linux Kernel (Live Patch 2 for SUSE Linux Enterprise 16)

This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.7.1 fixes various security issues The following security issues were fixed: - CVE-2025-40214: afunix: Initialise sccindex in unixaddedge bsc1255052. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. -...

SUSE-SU-2026:20886-1 Security update for the Linux Kernel (Live Patch 11 for SUSE Linux Enterprise Micro 6.0)

This update for the SUSE Linux Enterprise Kernel 6.4.0-34.1 fixes various security issues The following security issues were fixed: - CVE-2025-38488: smb: client: fix use-after-free in cryptmessage when using async crypto bsc1247240. - CVE-2025-40258: mptcp: fix race condition in mptcpschedulewor...

SUSE-SU-2026:20720-1 Security update for the Linux Kernel

The SUSE Linux Enterprise Micro 6.0 and Micro 6.1 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-53817: crypto: lib/mpi - avoid null pointer deref in mpicmpui bsc1254992. - CVE-2025-37861: scsi: mpi3mr: Synchronous access b/w reset and tm...

CLSA-2026-1771241609 kernel: Fix of 13 CVEs

vsock: Do not allow binding to VMADDRPORTANY CVE-2025-38618 - cnic: Fix use-after-free bugs in cnicdeletetask CVE-2025-39945 - scsi: bfa: Double-free fix CVE-2025-38699 - pptp: ensure minimal skb length in pptpxmit CVE-2025-38574 - ipv6: reject malicious packets in ipv6gsosegment CVE-2025-38572 -...

Unbreakable Enterprise kernel security update

5.4.17-2136.351.3.2 - tipc: Fix use-after-free in tipcmonreinitself. Kuniyuki Iwashima Orabug: 38855323 CVE-2025-40280 - tipc: simplify the finalize work queue Xin Long Orabug: 38855323 - vsock: Ignore signal/timeout on connect if already established Michal Luczaj Orabug: 38855319 CVE-2025-40248 ...

RockyLinux 8 : kernel-rt (RLSA-2026:0443)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0443 advisory. kernel: media: rc: fix races with imondisconnect CVE-2025-39993 kernel: sctp: avoid NULL dereference when chunk data buffer is missing CVE-2025-40240...

MiracleLinux 9 : webkit2gtk3-2.50.4-1.el9_7 (AXSA:2025-11641:23)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11641:23 advisory. webkitgtk: webkitgtk: Use-after-free due to improper memory management CVE-2025-43529 webkitgtk: Processing maliciously crafted web content may lea...

OESA-2025-2805 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. Th...

RHEL 9 : tigervnc (RHSA-2025:22055)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:22055 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

TencentOS Server 3: firefox (TSSA-2025:0528)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0528 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

RHEL 10 : kernel (RHSA-2025:20095)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:20095 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: xen: Xen hypercall page unsa...

SUSE-SU-2025:20725-1 Security update for kernel-livepatch-MICRO-6-0_Update_5

This update for kernel-livepatch-MICRO-6-0Update5 fixes the following issues: - CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 - CVE-2025-38181: calipso: fix null-ptr-deref in...

SUSE-SU-2025:20724-1 Security update for kernel-livepatch-MICRO-6-0_Update_4

This update for kernel-livepatch-MICRO-6-0Update4 fixes the following issues: - CVE-2025-38177: kernel: schhfsc: make hfscqlennotify idempotent bsc1246356 - CVE-2025-38109: net/mlx5: fix ECVF vports unload on shutdown flow bsc1245685 - CVE-2025-38181: calipso: fix null-ptr-deref in...

Linux Distros Unpatched Vulnerability : CVE-2023-53363

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pcibusreleasedomainnr Commit c14f7ccc9f5d PCI: Assign PCI domain...

Oracle Linux 7 : kernel (ELSA-2025-14987)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-14987 advisory. - kernel: media: uvcvideo: Fix double free in error path CVE-2024-57980 - kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928...

SUSE-SU-2025:03100-1 Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506001020 fixes several issues. The following security issues were fixed: - CVE-2025-38087: net/sched: fix use-after-free in tapriodevnotifier bsc1245504. - CVE-2025-21999: proc: fix UAF in procgetinode bsc1242579. - CVE-2025-38001: netsched: hfsc: Address...