Linux Distros Unpatched Vulnerability : CVE-2026-31494

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: macb: use the current queue number for stats There's a potential mismatch between the memory reserved for statistics and the amount of memory written...

CVE-2025-40210

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

CVE-2025-40210 Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND"

In the Linux kernel, the following vulnerability has been resolved: Revert "NFSD: Remove the cap on number of operations per NFSv4 COMPOUND" I've found that pynfs COMP6 now leaves the connection or lease in a strange state, which causes CLOSE9 to hang indefinitely. I've dug into it a little, but ...

CVE-2025-40210

CVE-2025-40210 relates to the Linux kernel NFSD component, where a missing cap on the number of operations per NFSv4 COMPOUND could allow an attacker to place an arbitrarily large op count in the COMPOUND header, triggering a vmalloc allocation failure for the COMPOUND op array. The issue has bee...

PT-2025-47718

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s Network File System daemon NFSD related to the handling of NFSv4 COMPOUND operations. Specifically, a previous change removed a limit on the number of...

SUSE CVE-2025-38592

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...

CVE-2025-38592 Bluetooth: hci_devcd_dump: fix out-of-bounds via dev_coredumpv

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcidevcddump: fix out-of-bounds via devcoredumpv Currently both devcoredumpv and skbputdata in hcidevcddump use hdev-dump.head. However, devcoredumpv can free the buffer. From devcoredumpmtimeout documentation, which i...

PT-2025-28001

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.14.0-rc2-syzkaller-00039-g09fbf3d50205 Description: A bug was found in the Linux kernel, specifically in the media subsystem, where the composition size cannot be larger than the size of fmt cap rect. This iss...

PT-2025-18602 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability in the Linux kernel has been resolved, specifically an integer overflow in the ghes estatus pool init function. The issue occurs when calculating len during the executi...