CLSA-2026-1767867153 kernel: Fix of 16 CVEs

crypto: lzo - Fix compression buffer overrun CVE-2025-38068 - wifi: brcmfmac: fix use-after-free when rescheduling brcmfbtcoexinfo work CVE-2025-39863 - NFSD: Protect against send buffer overflow in NFSv2 READ CVE-2022-43945 - tcp: Clear tcpsksk-fastopenrsk in tcpdisconnect. CVE-2025-40186 - can:...

kernel: x86/vmscape: Add conditional IBPB mitigation

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor like QEMU. Existing mitigations already protect kernel/KVM...

Red Hat OpenShift Virtualization 4 安全漏洞

Red Hat OpenShift Virtualization 4 is a virtual machine management component from Red Hat USA. A security vulnerability exists in Red Hat OpenShift Virtualization 4 that originates from unauthorized PVC cloning...

SUSE Virtualization Harvester 安全漏洞

SUSE Virtualization Harvester is a virtual machine management platform from SUSE Germany. A security vulnerability exists in SUSE Virtualization Harvester versions 1.5.x and 1.6.x, which stems from the exposure of the default SSH login password and could lead to an unauthorized access attack...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000292)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000292 advisory. The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free. Tenable has extracted the preceding description block directly from the Unity Linux...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000232)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000232 advisory. A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister MSR access with nested=1 virtualization enabled. In that, L1 guest could access...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000309)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000309 advisory. A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000260)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000260 advisory. An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write...

Moderate: Red Hat Enhancement Advisory: OpenShift Virtualization 4.17.39 Images

Red Hat OpenShift Virtualization release 4.17.39 is now available with updates to packages and images that fix several bugs and add enhancements. OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift...

Harvest May Expose OS Default SSH Login Password Via SUSE Virtualization Interactive Installer

Impact Projects using the SUSE Virtualization Harvester environment are vulnerable to this exploit if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utiliz...

GHSA-6G8Q-HP2J-GVWV Harvest May Expose OS Default SSH Login Password Via SUSE Virtualization Interactive Installer

Impact Projects using the SUSE Virtualization Harvester environment are vulnerable to this exploit if they are using the 1.5.x or 1.6.x interactive installer to either create a new cluster or add new hosts to an existing cluster. The environment is not affected if the PXE boot mechanism is utiliz...

Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2026-1002)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2023-54241

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 MIPS: Remove KVMTE support we get a NULL pointer dereference when creating a KVM...

EulerOS Virtualization 2.10.0 : ppp (EulerOS-SA-2026-1002)

According to the versions of the ppp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description...

EulerOS Virtualization 2.10.1 : ppp (EulerOS-SA-2026-1005)

According to the versions of the ppp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges.CVE-2024-58250 Tenable has extracted the preceding description...

EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2026-1001)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2...

EulerOS Virtualization 2.10.1 : libxml2 (EulerOS-SA-2026-1004)

According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libxml2 before 2.12.10 and 2.13.x before 2.13.6 has a NULL pointer dereference in xmlPatMatch in pattern.c.CVE-2025-27113 libxml2...

PT-2026-8206

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-smp--5dddc257e6b2-irqfd 31 Description A flaw exists in the Linux kernel's KVM implementation related to handling KVM IRQFD deassignment. Specifically, the code incorrectly clobbers the irqfd's routing typ...

CVE-2023-54296

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the destination VM when doing intrahost migration. Grabbing the wrong vCPU not only hoses the guest, it...

PT-2026-4667

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.19.0-rc2-ffa07f7fd437-x86 amx nm xfd non init-vm Description The Linux kernel contains a flaw related to the handling of XSTATE BV and XFD during guest XSAVE state loading via KVM SET XSAVE. Specifically, the...