CLSA-2026-1777614769 kernel: Fix of 13 CVEs

crypto: algifaead - Fix minimum RX size check for decryption - crypto: afalg - Fix page reassignment overflow in afalgpulltsgl - crypto: authencesn - Fix src offset when decrypting in-place - crypto: authencesn - Do not place hiseq at end of dst for out-of-place decryption - crypto: authenc - use...

CLSA-2026-1773048865 kernel: Fix of 53 CVEs

xhci: Remove device endpoints from bandwidth list when freeing the device CVE-2022-50470 - HID: multitouch: Add NULL check in mtinputconfigured CVE-2024-58020 - netfilter: nftsetpipapo: clamp maximum map bucket size to INTMAX CVE-2025-38201 - fs: writeback: fix use-after-free in markinodedirty...

OESA-2025-2270 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing closetimeo mount option User-provided mount parameter closetimeo of type u32 is intended to have an upper limit, but...

OESA-2025-2269 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: rapidio: fix an API misues when rioaddnet fails rioaddnet calls deviceregister and fails when deviceregister fails. Thus, putdevice should be used rather than...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: tap: NULL pointer derefence in devparseheaderprotocol when skb-dev is null CVE-2022-50073 In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Treat NX as a valid SPTE bit for NPT...

Linux Distros Unpatched Vulnerability : CVE-2025-38102

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow:...

SUSE CVE-2025-38102

In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...

CVE-2025-38102

The CVE CVE-2025-38102 describes a race in VMCI within the Linux kernel between vmci_host_setup_notify and vmci_ctx_unset_notify. A warning can be triggered in try_grab_folio due to a still-in-progress get_user_pages_fast writing to context->notify_page, which may be observed and mismanaged du...

CVE-2025-38102 VMCI: fix race between vmci_host_setup_notify and vmci_ctx_unset_notify

In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify During our test, it is found that a warning can be trigger in trygrabfolio as follow: ------------ cut here ------------ WARNING: CPU: 0 PID: 1678 at mm/gup.c:147...